An attacker uses deceptive methods to cause a user or an automated process
						to download and install dangerous code believed to be a valid update that
						originates from an attacker controlled source. Although there are several
						variations to this strategy of attack, the attack methods are united in that
						all rely on the ability of an attacker to position and disguise malicious
						content such that it masquerades as a legitimate software update which is
						then processed by a program, undermining application integrity. As such the
						attack employs 'spoofing' techniques augmented by psychological or
						technological mechanisms to disguise the update and/or its source.