Re: Fictitious Microsoft Security Update email
From: Bruce Chambers (bchambers_at_nospamcableone.net)
Date: 12/09/03
- Next message: Jose: "WindowsXP-KB823980-x86-ENU.exe will not install!!!!!"
- Previous message: Mike Burgess: "Re: Trojan horse Downloader.Stubby.A"
- In reply to: Austin: "Fictitious Microsoft Security Update email"
- Next in thread: CJM: "Re: Fictitious Microsoft Security Update email"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 8 Dec 2003 22:20:46 -0700
Greetings --
What you received is either a very common, malicious hoax or the
output of a computer infected by one of several widely publicized,
wide-spread, mass emailing worms. This sort of email has been quite
common for at least the past 8 months. The most widely-known are:
W32.Swen.A_mm
http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html
W32.Dumaru_mm
http://securityresponse.symantec.com/avcenter/venc/data/w32.dumaru@mm.html
W32.Gibe_mm
http://securityresponse.symantec.com/avcenter/venc/data/w32.gibe@mm.html
Microsoft never has, does not currently, and very probably never
will email unsolicited security patches. At the most, if, and only
if, you subscribe to their security notification newsletter, they will
send you an email informing you that a new patch is available for
downloading.
Microsoft Policies on Software Distribution
http://www.microsoft.com/technet/treeview/?url=/technet/security/policy/swdist.asp
Information on Bogus Microsoft Security Bulletin Emails
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp
How to Tell If a Microsoft Security-Related Message Is Genuine
http://www.microsoft.com/security/antivirus/authenticate_mail.asp
Any and all legitimate patches and updates are readily available
at http://windowsupdate.microsoft.com/. (Notice that this is the true
URL, rather than the bogus one that may have been contained in the
email you received.) Any messages that point to any other source(s) or
claim to have the patch attached are bogus.
You're receiving these emails because your email address is in
the address book of someone infected with a worm, and/or because you
posted your real email address somewhere on-line, either in a forum
accessible to the public and spambots, such as Usenet, or on an
untrustworthy web site that subsequently sold your address as part of
a mailing list. One thing you can do is notify _everyone_ with whom
you've ever corresponded via email that one or more of them may be
infected with a mass emailing worm, and should take the appropriate
steps.
Bruce Chambers
-- Help us help you: http://dts-l.org/goodpost.htm http://www.catb.org/~esr/faqs/smart-questions.html You can have peace. Or you can have freedom. Don't ever count on having both at once. -- RAH "Austin" <anonymous@discussions.microsoft.com> wrote in message news:EAA769EC-9247-4C08-BEAF-006FB42DF997@microsoft.com... > I have just received an email which has a subject of: "Newest Security Update" and from "Microsoft Corporation Security Support" The contents of the email looks very legitimate however, the address that the email is from is lkzfptukibcqlvm@bulletin.com. Obviously fake. It also has an .exe attachment that looks like a IE update, i.e. q235453 > Has anyone received this email as well? What virus is attached to the email? I could not find any information at Symantec and McAfee's sites.
- Next message: Jose: "WindowsXP-KB823980-x86-ENU.exe will not install!!!!!"
- Previous message: Mike Burgess: "Re: Trojan horse Downloader.Stubby.A"
- In reply to: Austin: "Fictitious Microsoft Security Update email"
- Next in thread: CJM: "Re: Fictitious Microsoft Security Update email"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
