Microsoft Patch,exe has a virus

N7TKO · Aug 27, 2003

In the email today was a file titled from Microsoft Subject--Use this
patch imminently! Being skeptical, I did not download the attachment
"Patch.exe" Almost imminently AVG 6.0 came on saying it was a virus, and
removed it. It said what the virus was named, but I did not remember it as
it was removed so fast.

Also in the same email was one Microsoft Subject Microsoft Security
pack. The attachment is Q358489.exe. This looks ok, but mot sure. Any
one else get these and do you think the Security patch is ok?

Bert

Chris Lanier · Aug 27, 2003

NEVER install ANY patch you get from an e-mail. Microsoft will NEVER send
you e-mails with attachments.

Windows Update for all your updates
http://v4.windowsupdate.microsoft.com/en/default.asp

Mike Kolitz · Aug 28, 2003

Microsoft does not e-mail patches to anyone.* If you are e-mail a "patch"
from Microsoft, delete it. Period.

*The exception, of course, is Product Support Services - but they never send
an unsolicited patch. You'll only get e-mail with attachments from PSS if
you've spoken with one of their technicians, and they deemed it necessary to
send you a patch. Even then, the patch doesn't come from "Microsoft", it
comes from the technician.

--
Mike Kolitz MCSE 2000
MS-MVP - Windows Setup and Deployment

PATCH YOUR WINDOWS NT/2000/XP/2003 COMPUTERS!
http://www.microsoft.com/technet/security/bulletin/MS03-026.asp

Bruce Chambers · Aug 28, 2003

Greetings --

It's good that you're skeptical, but, had you taken a few minutes
to check the headers of the email, you would have seen immediately
that it wasn't from Microsoft.

Any and all legitimate patches and updates are readily available
at http://windowsupdate.microsoft.com/. (Notice that this is the true
URL, rather than the bogus one that may have been contained in the
email you received.) Any messages that point to any other source(s) or
claim to have the patch attached are bogus.

What you probably received is either a malicious hoax or the
output of a computer infected by one of several relatively new, but
wide-spread, mass emailing worms.

Microsoft never has, does not currently, and never will email
unsolicited security patches. At the most, if, and only if, you
subscribe to their security notification newsletter, they will send
you an email informing you that a new patch is available for
downloading.

Microsoft Policies on Software Distribution
http://www.microsoft.com/technet/treeview/?url=/technet/security/policy/swdist.asp

Information on Bogus Microsoft Security Bulletin Emails
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

Bruce Chambers

--
Help us help you:

You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH

JMP · Aug 28, 2003

I also got that email and Norton AV said it repaired the file, placed a
backup in the quaratine part there...which I deleted. I checked
c:\windows...and there is a file there Patch.exe showing todays date. I
never opened it. How did it get there? Can I delete it??

Michael Stevens · Aug 28, 2003

I also got that email and Norton AV said it repaired the file, placed
a
backup in the quaratine part there...which I deleted. I checked
c:\windows...and there is a file there Patch.exe showing todays date.
I
never opened it. How did it get there? Can I delete it??

Yes, delete it; the attachment was the virus and was not sent by the person
listed as the sender. Never apply a patch sent by email from any software
developer. This is not the way a reputable software developer will notify
the consumer that a update is available.
--

Michael Stevens MS-MVP XP
(e-mail address removed)
http://michaelstevenstech.com
For a better newsgroup experience. Setup a newsreader.
http://michaelstevenstech.com/outlookexpressnewreader.htm

Stephen · Aug 28, 2003

Bruce, yes, not knowing what to do with an executable sent to him by email
I'm sure his first thought would be to open the Message Properties then go
to the Details and then click the Message Source button. Thereupon, he would
expertly analyze the message headers to determine the true source of the
message.

Cheers and have a good one.

:blush:

Alex Nichol · Aug 28, 2003

N7TKO said:
In the email today was a file titled from Microsoft Subject--Use this
patch imminently! Being skeptical, I did not download the attachment
"Patch.exe" Almost imminently AVG 6.0 came on saying it was a virus, and
removed it. It said what the virus was named, but I did not remember itas
it was removed so fast.

Also in the same email was one Microsoft Subject Microsoft Security
pack. The attachment is Q358489.exe. This looks ok, but mot sure. Any
one else get these and do you think the Security patch is ok?

Those are *not* from Microsoft, and certainly be trusted *to* contain a
virus, Delete them and on no account open the attachments. Microsoft
*never* sends out patches by e-mail

Bruce Chambers · Aug 29, 2003

Greetings --

Yes, that's what anyone reasonably aware of the state of the
Internet and the means by which viruses are transmitted would do.

Bruce Chambers

--
Help us help you:

You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH

Google discloses Microsoft Edge security flaw before a patch is ready	2	Feb 19, 2018
Microsoft makes emergency security fix	1	May 9, 2017
Notice of Virus on E-mail	5	Jan 11, 2004
Microsoft patch	1	Sep 25, 2003
Virus in MS IE Security Patch for October	4	Oct 27, 2003
patch.exe	8	Aug 31, 2003
Is it Microsoft or is it Virus???	4	Dec 5, 2003
Cumularive Patch update	8	Sep 22, 2003

Microsoft Patch,exe has a virus

N7TKO

Chris Lanier

Mike Kolitz

Bruce Chambers

JMP

Michael Stevens

Stephen

Alex Nichol

Bruce Chambers

Ask a Question

Similar Threads