Strange Update

[Marinero]

Dear, Sirs!
Yesturday received strange letter please advise is it original Microsoft
Critical Patch or somthing else
The tekst of the letter from the adderess
(e-mail address removed)>

Microsoft Consumer

this is the latest version of security update, the "January 2004,
Cumulative Patch" update which eliminates all known security vulnerabilities
affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as
three newly discovered vulnerabilities. Install now to help protect your
computer. This update includes the functionality of all previously released
patches.


System requirements Windows 95/98/Me/2000/NT/XP
This update applies to MS Internet Explorer, version 4.01 and later
MS Outlook, version 8.00 and later
MS Outlook Express, version 4.01 and later
Recommendation Customers should install the patch at the earliest
opportunity.
How to install Run attached file. Choose Yes on displayed dialog box.
How to use You don't need to do anything after installing this item.

Microsoft Product Support Services and Knowledge Base articles can be
found on the Microsoft Technical Support web site. For security-related
information about Microsoft products, please visit the Microsoft Security
Advisor web site, or Contact Us.

Thank you for using Microsoft products.

 

[RJK]

DELETE it immediately, DO NOT do what it says!

regards, Richard

 

[Marinero]

Thank you very much!

DELETE it immediately, DO NOT do what it says!

regards, Richard


well

 

[Guest]

A definate delete. Microsoft patches are NOT the same for
all of the listed OS in that email. Also microsoft
typically shows you the needed updates via your
scheduler. Not via email, and certainly not from a
generic addy such as that. So in short I agree, do not
open that file!!!

 

[Bruce Chambers]

Greetings --

What you received is either a very common, malicious hoax or the
output of a computer infected by one of several widely publicized,
wide-spread, mass emailing worms. This sort of email has been quite
common for at least the past 9 months. The most widely-known are:

W32.Swen.A_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Dumaru_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Gibe_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

Trojan.Xombe
http://www.symantec.com/avcenter/venc/data/trojan.xombe.html

Microsoft never has, does not currently, and very probably never
will email unsolicited security patches. At the most, if, and only
if, you subscribe to their security notification newsletter, they will
send you an email informing you that a new patch is available for
downloading.

Microsoft Policies on Software Distribution
http://www.microsoft.com/technet/treeview/?url=/technet/security/policy/swdist.asp

Information on Bogus Microsoft Security Bulletin Emails
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

How to Tell If a Microsoft Security-Related Message Is Genuine
http://www.microsoft.com/security/antivirus/authenticate_mail.asp

Any and all legitimate patches and updates are readily available
at http://windowsupdate.microsoft.com/. (Notice that this is the true
URL, rather than the bogus one that may have been contained in the
email you received.) Any messages that point to any other source(s) or
claim to have the patch attached are bogus.

You're receiving these emails because your email address is in
the address book of someone infected with a worm, and/or because you
posted your real email address somewhere on-line, either in a forum
accessible to the public and spambots, such as Usenet, or on an
untrustworthy web site that subsequently sold your address as part of
a mailing list. One thing you can do is notify _everyone_ with whom
you've ever corresponded via email that one or more of them may be
infected with a mass emailing worm, and should take the appropriate
steps.


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH