Beware of emails inviting you to download the latest beta version of Internet Explorer 7.0 – it could be a new worm. 

The latest scam, which claims to come from admin@microsoft.com and has the subject line "Internet Explorer 7 Downloads" look very convincing and lack the usual poor language and layout that often characterises these kind of mails.
Instead, the mail displays an image, very like the legitimate Microsoft imagery, which invites users to download beta 2 of Internet Explorer 7. However, users who click on the image will download a file called ie7.0.exe which is infected by the W32/Grum-A worm.
"Worms like this are only succeeding in spreading because so many people have still not learnt to be suspicious of unsolicited emails, even if they claim to come from well-known companies like Microsoft," says Graham Cluley, senior technology consultant for Sophos.
"The problem is that to the casual observer the email looks genuine, and the image displayed looks near-identical to the imagery that Microsoft is using on its website to promote Internet Explorer 7.0. Clicking on the image, however, doesn't download the real beta – but malicious code straight from the hackers."
The Grum worm is an appender virus which infects executable files referenced by Run keys in the Windows Registry. When run it copies itself to <Temp>winlogon.exe and makes changes to the Registry. It also edits the HOSTS file, injecting a thread into system.dll and attempts to patch the system files ntdll.dll and kernel32.dll.