Hackers are using Microsoft's upcoming monthly patch release as a way of spreading malware across cyberspace.

A number of web users have received an email, which claims to be from Microsoft security assurance director Steve Lipner.

The spam includes a .exe attachment, which the email claims is "an experimental private version of an update for all Microsoft Windows OS users".

Recipients are urged to install the update "in order to help protect your computer against security threats and performance problems", even though Microsoft never sends out security updates as email attachments. If users do open the attachment, a Trojan virus will infect their PC with malware.

See also: Neosploit hacker kit is back on the web

Visit Security Advisor for the latest internet threat news, FREE net threat email newsletters, and internet security product reviews