patch.exe

[Mark & Donna Corbelli]

just got an email from "MS internet security center" about an august
cumulative patch that solves all known security issues. However, the
attachment "patch.exe" was intercepted and quaranteened by Norton as
containing a virus. The email looks legit. Anyone had a similar experience?
If it's indeed a virus it's a sad day when they have figured out how to
infect us when we are trying to protect ourselves.

 

[Sparker9]

Microsoft does not send unsolicited e-mail containing attachments to its customers.

Information on Bogus Microsoft Security Bulletin E-mails
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

 

[EGMcCann]

Microsoft does not send patches via email.

While we're at it:
The cookie reciipe is a hoax, though some say it still is a decent cookie.
Bill Gates is not giving $1000 to the first thousand people to forward the
email.
There is no free disney trip for forwarding email.
If you click on the Seven Dwarves attachment, you don't get Snow White
porn - but you do catch a bug.
They aren't going to give you 10% of the 10 million dollars from Nigeria,
South Africa, or anywhere else.
If you get an email saying "Delete this file from your Windows directory,"
check the antivirus manufacutrers hoax listing first.

 

[Opinicus]

The email looks legit.

Did you check the headers?

 

[Larry Samuels MS-MVP XP \(Shell/User\)]

DO NOT open the file--it is NOT from MS.
Microsoft NEVER sends unsolicited files by email.

It is a virus masquerading as MS security.
The current one circulating is dumaru.b
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

If by chance you did open the file:
From a post by Bill Sanderson MVP:
Here's where to get the removal tool:
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

Read the instructions completely, paying particular attention to the part
about System Restore on XP and Me.


--
Larry Samuels MS-MVP (Windows-Shell/User)
Associate Expert
Unofficial FAQ for Windows Server 2003 at
http://home.earthlink.net/~larrysamuels/WS2003FAQ.htm
Expert Zone -

 

[Mark & Donna Corbelli]

The headers look good plus there are microsoft copywrite statements at the
bottom. There is no question it's bogus but it looks very real.

 

[Bruce Chambers]

Greetings --

Could you post those headers here, please? All of the previous
ones we've seen "claimed" to have come from the Russian government - a
pretty clear indication that the email was bogus.

Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH

 

[Mark & Donna Corbelli]

Microsoft Client

this is the latest version of security update, the
"August 2003, Cumulative Patch" update which eliminates
all known security vulnerabilities affecting Internet Explorer,
Outlook and Outlook Express as well as five newly
discovered vulnerabilities. Install now to protect your computer
from these vulnerabilities, the most serious of which could allow
an attacker to run executable on your system. This update includes
the functionality of all previously released patches.

System requirements Win 9x/Me/2000/NT/XP
This update applies to Microsoft Internet Explorer, version 4.01 and
later
Microsoft Outlook, version 8.00 and later
Microsoft Outlook Express, version 4.01 and later
Recommendation Customers should install the patch at the earliest
opportunity.
How to install Run attached file. Click Yes on displayed dialog box.
How to use You don't need to do anything after installing this item.

Microsoft Product Support Services and Knowledge Base articles
can be found on the Microsoft Technical Support web site.
For security-related information about Microsoft products, please
visit the Microsoft Security Advisor web site, or Contact us.

Please do not reply to this message. It was sent from an unmonitored
e-mail address and we are unable to respond to any replies.

Thank you for using Microsoft products.

Best wishes from
MS Internet Security Center

----------------------------------------------------------------------------

 

[Mark & Donna Corbelli]

X-Symantec-TimeoutProtection: 0
X-Symantec-TimeoutProtection: 1
Received: from sccrgxc03.comcast.net ([204.127.202.63])
by sccrmxc11.comcast.net (sccrmxc11) with ESMTP
id <20030831070334s11006csc7e>; Sun, 31 Aug 2003 07:03:34 +0000
Received: from mta3.adelphia.net ([68.168.78.181])
by comcast.net (sccrgxc03) with ESMTP
id <20030831070334e0300dlejae>; Sun, 31 Aug 2003 07:03:34 +0000
Received: from iEmPX ([68.65.165.82]) by mta3.adelphia.net
(InterMail vM.5.01.05.32 201-253-122-126-132-20030307) with SMTP
id <20030831070319.MNWL10845.mta3.adelphia.net@iEmPX>;
Sun, 31 Aug 2003 03:03:19 -0400
FROM: "MS Internet Security Center" <[email protected]>
TO: "Microsoft Client"
SUBJECT: Microsoft Security Patch
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="GSiOmYqlkfFijmuYo"
Message-Id: <20030831070319.MNWL10845.mta3.adelphia.net@iEmPX>
Date: Sun, 31 Aug 2003 03:03:33 -0400

--GSiOmYqlkfFijmuYo
Content-Type: multipart/alternative; boundary="mflvSTbTyBxRYpn"

--mflvSTbTyBxRYpn
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable