WARNING: Bogus Update emailed out in Microsoft's Name

From: Al Dykes (adykes@panix.com)
Date: 02/23/03 

From: adykes@panix.com (Al Dykes)
Date: 23 Feb 2003 17:01:20 -0500

This message crawled into my inbox a few minutes ago and
it's a very professional looking update notice, especially
in html.

There was a file called 386patch.exe attached.

There really is a machine called newsletters.microsoft.net. I can't believe
 that MS would send out an unsolicited security update by email.

I have no idea where else to report this.

--------------------- Begin Message Text ----------------------
Subject: Internet Security Pack
From: "Microsoft Public Support"
       <codwmbitj_186377@newsletters.microsoft.com>
Date: Sun, 23 Feb 2003 19:47:13 +0100
To: "Microsoft Customer" <>
X-UIDL: 59e60ab5e0560300
X-Mozilla-Status: 0001
X-Mozilla-Status2: 10000000
Received: by mail3.panix.com (mbox adykes) (with Cubic Circle's cucipop
                   Sun Feb 23 14:58:10 2003)
X-From_: ida0644@yahoo.com Sun Feb 23 14:54:38 2003
Return-Path: <ida0644@yahoo.com>
X-Original-To: adykes@panix.com
Received: from ns.ranet.sk (utopia.maniac.sk [195.146.17.12])
           by mail3.panix.com (Postfix) with ESMTP id CC63C98289;
              Sun, 23 Feb 2003 14:54:26 -0500 (EST)
Received: From fgjldk (telecom-213-195-39.telecom.sk [213.81.195.39])
             by ns.ranet.sk (8.9.3/8.9.3/SuSE Linux 8.9.3-0.1)
             with SMTP id TAA15964; Sun, 23 Feb 2003 19:47:13 +0100
Message-ID: <200302231847.TAA15964@ns.ranet.sk>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="MRhTLXWKJeLhOlaE"

Microsoft Customer

this is the latest version of security update, the
"February 2003, Cumulative Patch" update which eliminates
all known security vulnerabilities affecting Internet Explorer,
Outlook and Outlook Express as well as five newly
discovered vulnerabilities. Install now to protect your computer
from these vulnerabilities, the most serious of which could allow
an attacker to run executable on your system. This update includes
the functionality of all previously released patches.

System requirements Win 9x/Me/2000/NT/XP
This update applies to Microsoft Internet Explorer, version 4.01 and later
Microsoft Outlook, version 8.00 and later
Microsoft Outlook Express, version 4.01 and later
Recommendation Customers should install the patch at the earliest opportunity.
How to install Run attached file. Click Yes on displayed dialog box.
How to use You don't need to do anything after installing this item.

Microsoft Product Support Services and Knowledge Base articles
can be found on the Microsoft Technical Support web site.
For security-related information about Microsoft products, please
visit the Microsoft Security Advisor web site, or Contact us.

Please do not reply to this message. It was sent from an unmonitored
e-mail address and we are unable to respond to any replies.

Thank you for using Microsoft products.

With friendly greetings,
Microsoft Public Support
)2003 Microsoft Corporation. All rights reserved. The names of the actual companies
and products mentioned herein may be the trademarks of their respective owners.

---------------- end ----------------- 

-- 
Al Dykes
-----------
adykes@panix.com

Relevant Pages