Is this really from Microsoft or is it Spoof

J

Jim Licata

I received an email claiming to be a Microsoft Security
Update. It claimed there was a new security fix out today
for IE 6, SP2. It provided a link to
http://www.microsoft.com/downloadiect. My system
currently has a virus Norton 2004 is not blocking, and is
acting funky in a number of ways. I have become very
suspicious of provided links lately. I cannot find
anything like this download by directly browsing the
Microsoft.com or Microsoft.com/download sites. If
Microsoft really created these, why can't I find any
reference to IE6 SP2 without using this link?

Is there a way to forward something like this email to
Microsoft so they can take action if it's false. It sure
looks real, but I have my doubts.

Jim
 
C

Colin Barnhorst

It is spoof. Microsoft does not send update emails with this kind of link.
If you click the link Microsoft will tell you that they do have a page
matching your search. Delete this email and empty the trash.
 
C

Colin Barnhorst

Correction. "do NOT have a page matching your search."
Sorry for the confusing answer.
 
C

Colin Nash [MVP]

Microsoft does send out messages about new patches, if you subscribed to
these updates, but they never include attachments. They *will* however
point you to links on the Microsoft.com web site.

The following message went out today (yes there is a patch out for Internet
Explorer.) It looks like you just confused the "j" with an "i" (at least in
your post here.)


You can get the patch from Windows Update if you don't want to follow the
link in the message.



--
Colin Nash
Microsoft MVP
Windows Printing/Imaging/Hardware

---
-----BEGIN PGP SIGNED MESSAGE-----

MICROSOFT SECURITY UPDATE

July 2, 2004

SECURITY UPDATE SUMMARY
On Friday, July 2, 2004, Microsoft is releasing a configuration
change for
Microsoft Windows(r) XP, Windows 2000, and Windows Server(tm) 2003 to
address recent malicious attacks against Microsoft Internet
Explorer.

LEARN MORE
To learn more about this update, review this notice on
Microsoft.com:
http://www.microsoft.com/downloadject

Windows customers are encouraged to apply this configuration change
immediately to help protect against current Internet Explorer
issues. The
update is available on the Windows Update Web site.
http://windowsupdate.microsoft.com

Customers who have installed Windows XP Service Pack 2 RC2 are not
at risk and do not need this configuration change.

__________________________________________________

BEWARE OF BOGUS BULLETINS
If you get e-mail that claims to contain a Microsoft software
update, it is probably a virus trying to trick you into infecting
your computer. Microsoft never widely distributes software in e-
mail. Learn how to spot a bogus bulletin:
http://www.microsoft.com/verifymail

__________________________________________________

ADDITIONAL RESOURCES

SECURITY WEB SITE
http://www.microsoft.com/security/

HELP PROTECT YOUR PC FROM BAGLE, NETSKY, AND OTHER MASS MAILER WORMS
http://www.microsoft.com/security/incident/mass_mailer.mspx

SECURITY BULLETIN SEARCH TOOL
http://www.microsoft.com/technet/security/current.aspx

SECURITY NEWSGROUPS
http://go.microsoft.com/?LinkID=436862

PROTECT YOUR PC
http://www.microsoft.com/security/protect/

__________________________________________________

ABOUT THE MICROSOFT SECURITY UPDATE
The Microsoft Security Update is an e-mail alert service designed
for home users and small businesses that provides information about
Microsoft security updates and virus alerts. Microsoft also uses
this service to make subscribers aware that they might need to take
action to guard against a circulating security threat.

You have received this update because you are a subscriber. If
you would like to unsubscribe, follow the instructions at the bottom
of this page.
__________________________________________________

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQEVAwUBQOVEb40ZSRQxA/UrAQHDOgf9Hg35nzfx4YZ/gV1x307K8SnP79QwUiY7
nAv4uqYzqbxSlT4tVBl3nLK0f6ozNjAWLPnUh9E0P58J91lCrpwzDaBXP2DkdALI
pbADH16HiPnULWq6+Me/+NpLqYNKWEzA802JQgEi8F6v7GUHpRQK46Nu6bTw82hu
/C0JPb4cFQAkeTMD++UaGZhYZiF0feae0RuT+bqrgjRMbX/WrFU1q2HD8C9ktyaX
pIx8UtKvM2I31hy2imP73DbvdXJldAUjklK9K3exU8jrQGKtZFNWqCR8GVOx3bwR
Wy8a7GJHDgIgyqyJVIf+/Th/ZiDQ2m9oNebeOjYm08JfRqNu1qbFGg==
=tRQa
-----END PGP SIGNATURE-----



To verify the digital signature on this bulletin, please download our PGP
key at http://www.microsoft.com/technet/security/notify.asp.

You may cancel your subscription to this newsletter by doing one of the
following:

* Reply to this message with the word UNSUBSCRIBE in the Subject line.

* Click
mailto:1_63141_4D5D42EA-E2D7-4A07-815D-A2B7E78AD6C1_CA@Newsletters.Microsoft.com?subject=UNSUBSCRIBE
to send an unsubscribe message.

THIS DOCUMENT AND OTHER DOCUMENTS PROVIDED PURSUANT TO THIS PROGRAM ARE FOR
INFORMATIONAL PURPOSES ONLY. The information type should not be interpreted
to be a commitment on the part of Microsoft and Microsoft cannot guarantee
the accuracy of any information presented after the date of publication.
INFORMATION PROVIDED IN THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT WARRANTY
OF ANY KIND. The user assumes the entire risk as to the accuracy and the use
of this document.

Microsoft.com newsletter e-mail may be copied and distributed under the
following conditions:

* All text must be copied without modification and all pages must be
included.

* All copies must contain the Microsoft copyright notice and any other
notices provided therein.

* This document may not be distributed for profit.
 
B

Bruce Chambers

Greetings --

What you're apparently receiving is the output of a computer
infected by one of several widely publicized, wide-spread, mass
emailing worms. The virus' authors have deliberately spoofed the
Microsoft information in the hopes of garnering more victims. This
sort of email has been very common for at the last year or more. The
most widely-known are:

W32.Swen.A_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Dumaru_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Gibe_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

Trojan.Xombe
http://www.symantec.com/avcenter/venc/data/trojan.xombe.html

Microsoft never has, does not currently, and very probably never
will email unsolicited security patches. At the most, if, and only
if, you subscribe to their security notification newsletter, they will
send you an email informing you that a new patch is available for
downloading.

Microsoft Policies on Software Distribution
http://www.microsoft.com/technet/treeview/?url=/technet/security/policy/swdist.asp

Information on Bogus Microsoft Security Bulletin Emails
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

How to Tell If a Microsoft Security-Related Message Is Genuine
http://www.microsoft.com/security/antivirus/authenticate_mail.asp

Remember, any and all legitimate patches and updates are readily
available at http://windowsupdate.microsoft.com/. You should develop
the habit of checking this site at least once a month to keep your
computer up-to-date. (Notice that this is the true URL, rather than
the bogus one that may have been contained in the email you received.)
Any messages that point to any other source(s) or claim to have the
patch attached are bogus.

You're receiving these emails because your email address is in
the address book of someone infected with a worm, and/or because you
posted your real email address somewhere on-line, either in a forum
accessible to the public and spambots, such as Usenet, or on an
untrustworthy web site that subsequently sold your address as part of
a mailing list. One thing you can do is notify _everyone_ with whom
you've ever corresponded via email that one or more of them may be
infected with a mass emailing worm, and should take the appropriate
steps. You can also ask your ISP to take steps to preclude their mail
server from passing on such emails. Many ISPs have such filtering
capabilities.


Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH
 
B

Bruce Chambers

Greetings --

Perhaps you're right; the link looked "fishy" to me, but does, on
second thought, seem to lead to a true Microsoft site.

Bruce Chambers
--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Internet Security Update spoof 2
Is this really microsoft? 3
Is this legit? 3
Is this scam or real thing? 7
Did Microsoft send this email? or is this a scam 3
Microsoft Security Response Center - TechED Focus group 1
is this a legitamate newsletter from microsoft? 4
Email from Microsoft???? 16

Top