Security companies on March 8 warned of the emergence of a new computer virus, mimicking Microsoft's security patches, in order to create "psychological peace of mind" for users when displaying false alerts. Their computers are not infected by the virus.
& nbsp;
It is the Sober.d virus (also known as Roca.a), which is included in an e-mail message with headlines in both languages: "Microsoft Alert: Please Read!" (English) and "Microsoft Alarm: Bitte Lesen!" (German). In essence, this e-mail has disguised the message from Microsoft, asking users to open an attachment (in the executable file or zip file) so the virus can infiltrate the computer.
& nbsp;
If the user activates the attachment, Sober.d will scan the computer for the latest version of the Mydoom worm. If the computer is not infected, Sober.b will display the message: "Windows Update - MS-Q4232361791-" , with headline: "The patch has been successfully installed" (the patch was successfully installed). If the computer is infected with a variant of Mydoom, Sober.d will change the message to: "This patch does not need to be installed on this system" (This patch does not need to be installed on the system). The purpose of this announcement is to reassure users that their computer is not infected, but is actually infected.
& nbsp;
Sober.d is not the first virus disguised as a security update from Microsoft. Last year, the Swen virus also took advantage of a message from Microsoft to trick thousands of computer users. Microsoft has never made a security upgrade via e-mail.
& nbsp;
In terms of the dangerous nature of Sober.d, Network Associates ranked this worm on the "average" threat list. Meanwhile, Symantec ranks Sober.d at 3 out of 5 virus dangers. The C.Net
