There is lots of activity around an email and a fraudulent Microsoft Update web site (that the email directs you to), claiming that there is an urgent Microsoft update.
The web site looks like a legitimate Microsoft site and contains an “Urgent Install” button that, when clicked, attempts to download and install malicious software on your system. The file that attempts to download is not signed by Microsoft and is called “WindowsUpdateAgent30-x86-x64.exe”.
This web site is using fast flux DNS for its web hosting. That make it hard to track and close down, so we expect it to be around for awhile.
Please advise your users, if they receive this type of email, they should just delete it. Microsoft does not distribute updates by sending emails directly to individuals or distribution lists.
Credit to NW WARN for the contents of this advisory.
Peter H. Gregory 