MICROSOFT has issued a “highly unusual” software patch for Windows XP, Windows Vista, Windows 7 to protect against the spread of the WannaCry malware that crippled a number of NHS hospitals earlier this year.
The application responsible for that behavior is a very simple Birthday Reminder program. It actually works, but also has interesting features that are not explicitly disclosed to the user. We have seen the Birthday Reminder program download and execute additional components that hook DNS requests in order to inject ads into webpages. We (ESET) have named this new threat DNSBirthday.