New malware masquerades as Microsoft update