Be careful to open any friend invite notification from now on in Facebook, as there is a spam message "laden with a bomb of Trojan that will infect your browsers security and prove contagious for your computer if not detected on time.
The malicious spam messages are being created by a Cutwail botnet, which contain the Trojan code. When the message is opened in Facebook, your security gets compromised.
The delivery mechanism of the Trojan is in a form of a genuine Facebook friend notification, as the message has been designed to manipulate the Facebook message. Once the message is opened a list of links to malware sites is displayed. The message also does not contain any Facebook profile photos, along with a fake address that is given in the senders address location.
If you open the malware links in the message you will be asked for update Flash Player. Once you click on the link to update a hidden iFrame link will open that will then load data from the remote servers containing the Blackhole Exploit Kit. Once the exploit kit has been downloaded into your browsers the security settings mostly relating to Java installations will be affected.
This strain of malware is similar to the Zeus banking Trojan that also affects your computer settings. The best way to avoid such strands of malware is to check for any suspicious notifications or e-mail messages that appear in your Facebook account. Make sure, you only open the friend invites that have the profile picture of your friends.