Along with the vulnerabilities that Microsoft patched Tuesday, the software giant's customers have a new problem to grapple with: a fake notification e-mail that looks remarkably legitimate.

Attackers are apparently taking advantage of Microsoft's Patch Tuesday to send legitimate-looking e-mails that include a Trojan virus. Trojan.Backdoor.Haxdoor allows attackers to execute files and steal information from compromised computers. The fake mailing includes a legitimate-looking PGP signature, as well as purporting to come from a real Microsoft employee.

Christopher Budd, a security program manager in the Microsoft Security Response Center, offers this perspective on the e-mails in a security posting:

Posted by Justin Payton in Adware, Spyware and Trojans at 15:52

Q. Recently my computer was attacked by a program named Antivirus XP 2008 that, while claiming to protect your computer, is actually a virus itself.

It pops a big red warning block on the screen and asks the user to continue. Pressing continue brings up another screen asking for your Visa number so you can be billed $39.95 to get rid of the threat it has identified. Well, you'd have to be crazy to give them a credit card number.

I was unable to get rid of this attack software. Finally I had to reformat the hard disk, reload the operating system and begin anew. This malware is really bad news. If it should happen again, is there any way to get rid of it other than start all over?

-S.S., Swift Creek, N.C.

A. Antivirus XP 2008 is part of a growing threat category called "misleading applications," "rogue programs" or "scareware." These programs make false or exaggerated claims about the security of your system and request or demand payment to solve them.

Rogue programs can be found all over the Web, but they're more common on sites offering adult or pirated content, blogs and forums. Sometimes you can be infected just by visiting the site; other times, you may be tricked into downloading the program by bogus pop-up ads that look like Windows system warnings.

The problem is so pervasive that last week, Microsoft and the Washington state attorney general filed suit against two companies that use fake warnings to sell their Registry Cleaner XP software. They promised to pursue others, as well.

Posted by Justin Payton in Adware, Spyware and Trojans at 09:19

The World Bank Group's computer network — one of the largest repositories of sensitive data about the economies of every nation — has been raided repeatedly by outsiders for more than a year, FOX News has learned.

It is still not known how much information was stolen. But sources inside the bank confirm that servers in the institution's highly-restricted treasury unit were deeply penetrated with spy software last April. Invaders also had full access to the rest of the bank's network for nearly a month in June and July.

In total, at least six major intrusions — two of them using the same group of IP addresses originating from China — have been detected at the World Bank since the summer of 2007, with the most recent breach occurring just last month.

In a frantic midnight e-mail to colleagues, the bank's senior technology manager referred to the situation as an "unprecedented crisis." In fact, it may be the worst security breach ever at a global financial institution. And it has left bank officials scrambling to try to understand the nature of the year-long cyber-assault, while also trying to keep the news from leaking to the public.

Click Here to see the Email

The crisis comes at an awkward moment for World Bank president Robert Zoellick, who runs the world's largest and most influential anti-poverty agency, which doles out $25 billion a year, and whose board represents 185 member nations. This weekend, the bank holds its annual series of meetings in Washington — and just in advance of those sessions, Zoellick called for a radical revamping of multilateral organizations in light of the global economic meltdown.

Zoellick is positioning himself and the bank as an institution that can help chart a new path toward global financial stability. But that reputation, more than ever, depends on the bank's stable information infrastructure.

The fact that the information vaults of the World Bank have been repeatedly pried open won't help Zoellick's case.

While it remains unclear how much data has been pilfered from the bank, it's a lot. According to internal memos, "a minimum of 18 servers have been compromised," including some of the bank's most sensitive systems — ranging from the bank's security and password server to a Human Resources server "that contains scanned images of staff documents."

Click Here to see bank memos about the intrusions

Posted by Justin Payton in Adware, Spyware and Trojans at 16:32

Obama, as the conspiracy theorists see him, taken from an anti-Obama Website

I was pretty surprised when I got an e-mail this morning from a friend who’s a sophisticated figure in the local music scene. The e-mail amounts to a long conspiracy theory meant to suggest that Obama has questionable Muslim connections who may have funded his college tuition and other endeavors. Then I got the same e-mail today from a Fort Lewis-based sergeant I know serving in Iraq. It begins like this:

“Around 1979 Obama started college at Occidental in California. He is very open about his two years at Occidental, he tried all kinds of drugs and was wasting his time but, even though he had a brilliant mind, did not apply himself to his studies. ‘Barry’ (that was the name he used all his life) during this time had two roommates, Muhammad Hasan Chandoo and Wahid Hamid, both from Pakistan. During the summer of 1981, after his second year in college, he made a ‘round the world’ trip. Stopping to see his mother in Indonesia, next Hyderabad in India, three weeks in Karachi, Pakistan where he stayed with his roommate's family, then off to Africa to visit his father’s family. My question — Where did he get the money for this trip?”

Posted by Justin Payton in Adware, Spyware and Trojans at 10:16