Análisis realizado por Lala Manly

Despite being released in 2001, Windows XP remains a popular OS for users. According to reports, the OS still has around 30% of the user market share. In fact, additional data would suggest that the market share of Windows XP has actually grown in the past months.

This continued popularity has not gone unnoticed by spammers. We came across a spammed message that talks about a critical update for Windows XP Service Pack 2 and Service Pack 3. The timing of this so-called update is interesting, considering Service Pack 2 was released in 2004 and Service Pack 3, 2008.

The message contains a list of the things that the “update” will address, including fixing vulnerabilities and adding additional desktop themes. The update is actually malware, already detected as PE_SALITY.RL. This malware infects .EXE and .SCR files and can spread via removable and physical drives.

The use of a fake Windows XP update is notable, particularly as it coincides with the impending end of support for Windows XP. The large number of Windows XP users means that come April 8, a lot of people may find their computers vulnerable to exploits and other threats. The spammed message implies this as it claims to prepare the computer for Windows Vista.

User must be cautious when downloading updates or patches online. Users must always download these items from official sites and sources, not email messages. Windows XP users should also seriously consider upgrading their OS to newer versions of Windows to continue getting security support for their computers.

 Fecha/hora de bloqueo del spam: 04 de abril de 2014 GMT-8
 TMASE
  • Motor TMASE: 7.5
  • Patrón TMASE: 0608

Sobre el malware