Re: Security Update for Microsoft Windows [KB819696]
From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 12/02/03
- Next message: Emily: "msn virus?"
- Previous message: Bill Sanderson: "Re: Trojan horse Downloader.Stubby.A"
- In reply to: rhwarwick_at_yahoo.com: "Security Update for Microsoft Windows [KB819696]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 1 Dec 2003 23:02:19 -0500
Robert:
Your problem is NOT the same as John's as you believe.
John is going to the Windows Update web site and downloading and subsequently installing MS
Knowledge Base Patch KB819696 and after he installs it again shows up as a Critical Update
when he goes back to the Windows Update web site.
I asked if he was using WinME because I have seen the same problem described with other
WinME patches the most notable recurrent patch was Q329414, a MS Data Access Component
patch.
Your problem is COMPLETELY different in that by posting your real email address you became
the target of the Swen worm. Swen is news spelled backwards. It is named thusly because it
has the ability to post itself to UseNet News Groups and more importantly, the Swen worm
harvests email addresses from UseNet News Groups. Because you posted with your real,
unmunged, email address a Swen infected platform harvested your email address and then sent
itself to you in email. The Swen worm as well as Gibe, Dumaru and Torvil all masquerade as
patches from Microsoft but in reality are infectious Internet worms.
The reason that the Symantec Swen removal tool came up empty was most likely because you did
NOT execute and infect your platform. You can download the McAfee worm removal tool,
Stinger @ http://vil.nai.com/vil/stinger/ and try it as well on your PC.
All you can do is...
1. Keep your AV package up-to-date
2. Create email "rules" to auto-delete the offending messages
3. Petition your ISP to install AV software on their respective email servers.
4. Change your email address and always munge your email address when posting to UseNet
Dave
"rhwarwick@yahoo.com" <anonymous@discussions.microsoft.com> wrote in message
news:072801c3b885$489f0c90$a101280a@phx.gbl...
|
| Sarah:
| I am being tormented with the problem described by John,
| with his "Microsoft Security Update." I knew it was bogus
| and I have not downloaded the attachment.
|
| However, I am receiving tons of messages; as many a 20 a
| day! My Yahoo mail box is being swamped. They all have
| slightly different titles and senders but I can tell they
| are essentially the same. Yahoo help referred me to
| Symatec and I tried to contact them. They will not
| respond. Neither will Yahoo.
|
| I'm desperate. What shall I do to get this to stop?
|
| Robert
| Reply to rhwarwick@yahoo.com
|
| >-----Original Message-----
| >John writes:
| >>-----Original Message-----
| >>I have downloaded this patch numerous times, yet the
| >>Critical Updates alert keeps notifying me of this patch
| >>and suggests it be downloaded.
| >>
| >>Is it not downloading properly and/or why does Windows
| >>Update keep listing this as a critical update?
| >>
| >>Please e-mail me directly if you can! Thanks!
| >>
| >
| > There is a newsgroup specifically made to give info
| >on problems with Updates (microsoft.public.windowsupdate)
| > The answers there vary for the various updates, but
| >one common fix several of them have is simply to remove
| >the update and download it again. This definitely won't
| >fix all problems but it is simple enough to be worth a
| try.
| >Failing that, you might browse the newsgroup looking for
| >your operating system version and update number, or post
| >your specific problem there for an answer.
| > The reason posters are discouraged from using their
| >real e-mail addresses in newsgroups is that several
| >viruses "harvest" posted e-mail addresses to use as
| >targets for attempted exploits, so you might want to be
| >very careful in what e-mail you open now. Microsoft will
| >never send you e-mail with an attached file, so any mail
| >you receive that purports to be from Microsoft yet has an
| >attachment, should be considered infected.
| >.
| >
- Next message: Emily: "msn virus?"
- Previous message: Bill Sanderson: "Re: Trojan horse Downloader.Stubby.A"
- In reply to: rhwarwick_at_yahoo.com: "Security Update for Microsoft Windows [KB819696]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
