Fake windows patches via google

I ran across this last week while helping a bank determine what Windows patch broke one of their internal applications. This meant I was manually installing different patches one by one (Including SP2 for XP) - and looking for them on Google. In one of my searches I came across this search result:



Now looking at the highlighted result...can you see anything wrong with it? No, I can't either.

Now look at the page you get to when clicking on the link:



Now obviously I do not need SP2 for IE 5.5. Still...this is is bad. Why? Looks like a MS page right?

Look at the URL at the top of the browser:



Ugg. After some more poking around it looks like thesource.ofallevil.com has an exact mirror of the MS website. I have not tested any of the executables for viruses, or spyware - but for some reason I don't think they have good intentions in mind for you or your network.

I have stopped searching for MS patches on Google, and started looking for them directly on the MS website. I suggest you do the same.

Written by Steve Wiseman on October 2nd, 2007 with comments disabled.
Read more articles on News.

• [+] Digg: Feature this article
• [+] Del.icio.us: Bookmark this article
• [+] Furl: Bookmark this article

Related articles

• How to install VMWARE on UBUNTU .bundle what to do with it! (November 21st, 2008)
• YouTube videos go HD with a simple hack (November 20th, 2008)
• A paean for technology-free(?) childhood (November 20th, 2008)
• Samsung launches 256GB solid-state drive (November 20th, 2008)
• I just got this email from Microsoft Foldershare! (November 20th, 2008)