Spammers using "Microsoft" name to trick users to install Malware
A fake phishing email making the rounds seemingly comes from Microsoft, but actually contains a “backdoor” trojan.
The email has a subject line that reads, “Security Update for OS Microsoft Windows” and supposedly came from the "Microsoft Official Update Center" at a domain named securityassurance[at]microsof[dot]com.
The message urges users to run an attached file to install an update that the email said will protect from the recipient from security threats and performance problems.
The malicious attachment is not a Microsoft update, but rather malware identified as “Trojan.Backdoor.Haxdoor,” which has the potential to turn computers into bots or enable an attacker to access corporate networks.
Please refer here to read advice from Roger Halbheer, as mentioned by him, Microsoft will never send updates or any kind of software as attachment via e-mail.