E-mail message

[rdetzig]

I have received an E-mail with an attachment. This mail
is supposedly from Microsoft and says: open this patch
immediately. I have Windows XP Home Edition, is this a
legimate message or is somebody trying to "bug" me? I
have not opened the attachment yet. Can somebody advise
me?
Thanks

 

[Mike Brannigan [MSFT]]

It's fake.
Do not open the attachment
see here
http://www.microsoft.com/security/incident/authenticate_mail.mspx
--
Regards,

Mike
--
Mike Brannigan [Microsoft]

This posting is provided "AS IS" with no warranties, and confers no
rights

Please note I cannot respond to e-mailed questions, please use these
newsgroups

 

[Guest]

Never open attachments unless you are expecting them and
they have been verified unless you dont really care about
the potential of loosing your data etc..

doesnt matter who it is from as their accounts may have
been comprimised as well.

atleast that is the security idea.

Also get into the habit of posting web links to
information rather then just email also have backups for
verification incase your message is intercepted. Of course
they could be extreme messures.

 

[Bruce Chambers]

Greetings --

What you're apparently receiving is the output of a computer
infected by one of several widely publicized, wide-spread, mass
emailing worms. The virus' authors have deliberately spoofed the
Microsoft information in the hopes of garnering more victims. This
sort of email has been very common for at the last year or more. The
most widely-known are:

W32.Swen.A_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Dumaru_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Gibe_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

Trojan.Xombe
http://www.symantec.com/avcenter/venc/data/trojan.xombe.html

Microsoft never has, does not currently, and very probably never
will email unsolicited security patches. At the most, if, and only
if, you subscribe to their security notification newsletter, they will
send you an email informing you that a new patch is available for
downloading.

Microsoft Policies on Software Distribution
http://www.microsoft.com/technet/treeview/?url=/technet/security/policy/swdist.asp

Information on Bogus Microsoft Security Bulletin Emails
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

How to Tell If a Microsoft Security-Related Message Is Genuine
http://www.microsoft.com/security/antivirus/authenticate_mail.asp

Remember, any and all legitimate patches and updates are readily
available at http://windowsupdate.microsoft.com/. You should develop
the habit of checking this site at least once a month to keep your
computer up-to-date. (Notice that this is the true URL, rather than
the bogus one that may have been contained in the email you received.)
Any messages that point to any other source(s) or claim to have the
patch attached are bogus.

You're receiving these emails because your email address is in
the address book of someone infected with a worm, and/or because you
posted your real email address somewhere on-line, either in a forum
accessible to the public and spambots, such as Usenet, or on an
untrustworthy web site that subsequently sold your address as part of
a mailing list. One thing you can do is notify _everyone_ with whom
you've ever corresponded via email that one or more of them may be
infected with a mass emailing worm, and should take the appropriate
steps. You can also ask your ISP to take steps to preclude their mail
server from passing on such emails. Many ISPs have such filtering
capabilities.


Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH