I regularly get prompts from various sources like Microsoft, Firefox, Adobe etc. that state an update is ready for me to download. It crossed my mind that scammers and other forms of low life could send fake update messages which could presumeably infect your computer if downloaded. Is this a common problem and how do I guard against it?
I guess one of the best ways would be to ignore any popup but to go to the companies website and download it directly from there. I think this sort of thing has been exploited before, I seem to remember a fake flash update before.
That's what I tend to do if I get a notification of an update, shut it down and go directly to the vendor's site.
Alternatively, install Secunia PSI (http://secunia.com/vulnerability_scanning/personal/), that will tell you when anything is out of date, and will obtain the updates for you.
I've decided Adobe are in my list of Malware providers now! :rant2:
[edit]
Speaking of updates... (looks at his sig) when did speedtest.net get updated? I could have sworn I used a custom .gif instead. Must have updated it with my latest speed. ;D
Today, Ben.
You can always just go to http://windowsupdate.microsoft.com (on Vista and 7 this will pop up the Windows Update panel rather than displaying a page)