There is a massive spam session running around with fake e-mails trying to spoof CNN news web site in order to make unsuspecting users download a malware file (get_flash_update.exe in this case).
Sample e-mail message with false links to compromised malware hosting sites:
The footer of the e-mail looks legit:
Large number of compromised sites are already down, but if it is working, you will get the following screen:
Clicking cancel will get you in the loop until you don’t start the “flash update” download:
Malware get_flash_update.exe gets downloaded: