Cybercriminals are spreading malware under the disguise of a critical security patch from Microsoft. The emails have a subject line of “Update your Windows” and contain the following text: Update your Windows. The messages claim to come from no-reply@microsft.com. Microsoft never distributes security updates via email attachments. The worm even quotes the real name of a senior member of Microsoft’s security team – Steve Lipner – to try to fool you into believing it is genuine. However, Mr Lipner has nothing to do with the emails and Microsoft never releases them.
Source: https://thehackernews.com/2011/01/fake-microsoft-security-update-spreads.html