Since January this year several users have received an e-mail apparently from Microsoft. The mail informs the receipient that the attachment to the mail is an upgrade to his/her Internet Explorer browser which fixes some bugs.

This mail is not originated from Microsoft, but spoofed by someone else. The attachment - Ie0199.exe - is a Trojan Horse. When executed the program makes modifications to the system and tries to opens connections to remote sites.

According to Microsoft its policy is not to distribute updates/patches in e-mails:

"Microsoft policy is to distribute all security patches through the Microsoft Web site, and not via e-mail. Microsoft may send security notifications via e-mail, but they will always reference a Microsoft URL for download. Users should not install patches attached to e-mail messages, even if those messages claim to be from Microsoft."

We refer to Microsoft's Internet Explorer Security Update page.

In general you should be careful and check all attachments to e-mail for viruses before executing those. This applies even if the e-mail appears to originate from a reliable company.

Updated versions of Norman Virus Control detect this Trojan, called WIN/IE_Patch.Trojan.

Per Olav Førland