Fake or real?

Discussion in 'Windows XP Security' started by Tom Moers, Oct 1, 2003.

  1. Tom Moers

    Tom Moers Guest

    Is a sender with an address "support.msdn.com" sending an email with
    an"Upgrade.exe" file attached legitimate?
    Tom Moers, Oct 1, 2003
    1. Advertisements

  2. Microsoft never ever send patches via email.
    See http://www.microsoft.com/security/antivirus/authenticate_mail.asp
    and install a virus scanner, please!
    I hope you enjoyed your holidays. The SWEN-worm is active since 19th
    Sept. and famous through internet, newsletters, magazines, TV.

    Ciao, Walter
    Walter Schulz, Oct 1, 2003
    1. Advertisements

  3. Greetings --

    What you received is either a very common malicious hoax or the
    output of a computer infected by one of several wide-spread, mass
    emailing worms. The most widely-known are:




    Microsoft never has, does not currently, and never will email
    unsolicited security patches. At the most, if, and only if, you
    subscribe to their security notification newsletter, they will send
    you an email informing you that a new patch is available for

    Microsoft Policies on Software Distribution

    Information on Bogus Microsoft Security Bulletin Emails

    How to Tell If a Microsoft Security-Related Message Is Genuine

    Any and all legitimate patches and updates are readily available
    at http://windowsupdate.microsoft.com/. (Notice that this is the true
    URL, rather than the bogus one that may have been contained in the
    email you received.) Any messages that point to any other source(s) or
    claim to have the patch attached are bogus.

    You're receiving these emails because your email address is in
    the address book of someone infected with a worm, and/or because you
    posted your real email address somewhere on-line, either in a forum
    accessible to the public and spambots, such as Usenet, or on an
    untrustworthy web site that subsequently sold your address as part of
    a mailing list. One thing you can do is notify _everyone_ with whom
    you've ever corresponded via email that one or more of them may be
    infected with a mass emailing worm, and should take the appropriate

    There's probably no way of blocking all of the bogus messages, but
    you can greatly reduce the number you get by creating a rule, based
    upon the most commonly used subject lines, to delete the emails from
    the server without ever downloading them.

    Bruce Chambers

    Help us help you:

    You can have peace. Or you can have freedom. Don't ever count on
    having both at once. -- RAH
    Bruce Chambers, Oct 2, 2003
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.