Have you, or any of your users, received an email announcement that looks like it’s from Microsoft, talking about an update to Microsoft Outlook or Outlook Express? The email itself looks remarkably legitimate, and it would be easy to take it at face value. But receiving an email from Microsoft about an update is in itself a red flag, because Microsoft doesn’t issue updates or security warnings in that manner. Bloggers and security experts have been quick to pick up on this one, and are educating the public about the warning.

When unsuspecting users click on the link, thinking they will get an update to Outlook, they are taken to a rogue Web site that sends a Trojan horse to their computer.

The tricky attackers may actually get some takers, not only because of the realistic-looking email, but also because the notice comes out at about the same time Microsoft really is getting ready to release its monthly security patch.

Like most such bogus emails, the link contained in the email appears to go to Microsoft.com, but looking at the actual HTML (pass your cursor over it and see) will show that it goes somewhere else entirely. If you fall victim, you’ll get a piece of malware that appears to be a variant of Zbot, a Trojan used often to steal login details and take control of computers.

Microsoft is getting ready to launch the public beta of its free anti-malware product, code-named “Morro.” Because it’s free, and because it has the power of Microsoft behind it, it’s likely that there will be some major upheaval in the security market, at least in terms of perception. In reality, it won’t make that much of a difference.

Granted, “free” carries a lot of weight, but will it be a competitive threat? Will it displace other security products? Not likely. Morro will be a decidedly low-end product. Useful? Yes. But Microsoft isn’t really targeting corporate users here, and most corporate users wouldn’t be interested anyway. It will have some utility for home users, especially the home users that tend to slack off and avoid paying subscription fees. In the end, I think the presence of a free Morro will help the industry as a whole, since it will tend to fill a gap that currently exists, that being, people who don’t have anti-malware, or have outdated anti-malware. According to most reports, the majority of anti-virus software vendors are not seeing Morro as a serious threat.