Source: installation.exe

TheMSsForum.com: The Microsoft Software Forum

Be advised this bogus Microsoft Security email is=20
circulating.

Microsoft All Products | Support | Search | =20
Microsoft.com Guide =20
Microsoft Home =20
=20

Microsoft User

this is the latest version of security update,=20
the "September 2003, Cumulative Patch" update which=20
resolves all known security vulnerabilities affecting MS=20
Internet Explorer, MS Outlook and MS Outlook Express.=20
Install now to protect your computer from these=20
vulnerabilities, the most serious of which could allow an=20
malicious user to run executable on your computer. =20


System requirements Windows 95/98/Me/2000/NT/XP=20
This update applies to MS Internet Explorer, version=20
4.01 and later
MS Outlook, version 8.00 and later
MS Outlook Express, version 4.01 and later =20
Recommendation Customers should install the patch at the=20
earliest opportunity.=20
How to install Run attached file. Choose Yes on displayed=20
dialog box.=20
How to use You don't need to do anything after installing=20
this item.=20

Microsoft Product Support Services and Knowledge Base=20
articles can be found on the Microsoft Technical Support=20
web site. For security-related information about Microsoft=20
products, please visit the Microsoft Security Advisor web=20
site, or Contact Us.=20

Thank you for using Microsoft products.

Please do not reply to this message. It was sent from an=20
unmonitored e-mail address and we are unable to respond to=20
any replies.

-----------------------------------------------------------
---------------------
The names of the actual companies and products mentioned=20
herein are the trademarks of their respective owners. =20

Contact Us | Legal | TRUSTe =20
=A92003 Microsoft Corporation. All rights reserved. Terms=20
of Use | Privacy Statement | Accessibility =20


----------------------------------------------------

----------------------------------------------------

Below,
I copied the html source of the bogus email for all to see.
Anti-Virus software stopped the virus.


Source: installation.exe=20
Description: The email attachment installation.exe is=20
infected with the Worm.Automat.AHB virus.=20
Click for more information about this virus :=20
Worm.Automat.AHB


<HTML>
<HEAD>
<style type=3D'text/css'>.navtext{color:#ffffff;text-
decoration:none}
</style>
</HEAD>

<BODY BGCOLOR=3D"White" TEXT=3D"Black">
<BASEFONT SIZE=3D"2" face=3D"verdana,arial">
<TABLE WIDTH=3D"600" HEIGHT=3D"40" BGCOLOR=3D"#1478EB">
<TR height=3D"20">
<TD ALIGN=3D"left" VALIGN=3D"TOP" WIDTH=3D"400"=20
ROWSPAN=3D"2">&nbsp;
<FONT FACE=3D"sans-serif" SIZE=3D"5"><I><B>
<A class=3D'navtext' HREF=3D"http://www.microsoft.com/"
TITLE=3D"Microsoft Home Site" target=3D"_top">Microsoft</A>
</B></I></FONT>
</TD>

<TD ALIGN=3D"right" VALIGN=3D"MIDDLE" BGCOLOR=3D"Black" NOWRAP>
<FONT color=3D"#ffffff" size=3D1>&nbsp;
<A class=3D'navtext'=20
href=3D'http://www.microsoft.com/catalog/' target=3D"_top">All=20
Products</A>&nbsp;|&nbsp;
<A class=3D'navtext' href=3D'http://support.microsoft.com/'=20
target=3D"_top">Support</A>&nbsp;|&nbsp;
<A class=3D'navtext' href=3D'http://search.microsoft.com/'=20
target=3D"_top">Search</A>&nbsp;|&nbsp;
<A class=3D'navtext' href=3D'http://www.microsoft.com/'=20
target=3D_top>
Microsoft.com Guide</A>&nbsp;
</FONT>
</TD>
</TR>

<TR>
<TD ALIGN=3D"right" VALIGN=3D"BOTTOM" NOWRAP>
<FONT FACE=3D"Verdana, Arial" SIZE=3D1><B>
<A class=3D'navtext' HREF=3D'http://www.microsoft.com/'=20
TARGET=3D" top">
Microsoft Home</A>&nbsp;&nbsp;</B>
</FONT>
</TD>
</TR>
</TABLE>

&nbsp;<IMG SRC=3D"cid:mbrqyia" BORDER=3D"0"><BR><BR>
<TABLE WIDTH=3D"600"><TR><TD><FONT SIZE=3D"2">
Microsoft User<BR><BR>
this is the latest version of security update, the
"September 2003, Cumulative Patch" update which resolves
all known security vulnerabilities affecting
MS Internet Explorer, MS Outlook and MS Outlook Express.
Install now to protect your computer
from these vulnerabilities, the most serious of which could
allow an malicious user to run executable on your computer.
</FONT></TD></TR>
</TABLE>

<BR><BR>
<TABLE BORDER=3D"1" CELLSPACING=3D"1" CELLPADDING=3D"3"=20
WIDTH=3D"600">
<TR VALIGN=3D"TOP">
<TD NOWRAP><FONT SIZE=3D"1"><B><IMG SRC=3D"cid:agczvvw"=20
ALIGN=3D"absmiddle" BORDER=3D"0">&nbsp;System requirements</B>
</FONT></TD>
<TD NOWRAP><FONT SIZE=3D"1">Windows=20
95/98/Me/2000/NT/XP</FONT></TD>
</TR>

<TR VALIGN=3D"TOP">
<TD NOWRAP><FONT SIZE=3D"1"><B><IMG SRC=3D"cid:agczvvw"=20
ALIGN=3D"absmiddle" BORDER=3D"0">&nbsp;This update applies=20
to</B>
</FONT></TD><TD NOWRAP>
<FONT SIZE=3D"1">
MS Internet Explorer, version 4.01 and later<BR>
MS Outlook, version 8.00 and later<BR>
MS Outlook Express, version 4.01 and later
</FONT>
</TD>
</TR>

<TR VALIGN=3D"TOP">
<TD NOWRAP><FONT SIZE=3D"1"><B><IMG SRC=3D"cid:agczvvw"=20
ALIGN=3D"absmiddle"=20
BORDER=3D"0">&nbsp;Recommendation</B></FONT></TD>
<TD NOWRAP><FONT SIZE=3D"1">Customers should install the=20
patch at the earliest opportunity.</FONT></TD>
</TR>

<TR VALIGN=3D"TOP">
<TD NOWRAP><FONT SIZE=3D"1"><B><IMG SRC=3D"cid:agczvvw"=20
ALIGN=3D"absmiddle" BORDER=3D"0">&nbsp;How to=20
install</B></FONT></TD>
<TD NOWRAP><FONT SIZE=3D"1">Run attached file. Choose Yes on=20
displayed dialog box.</FONT></TD>
</TR>

<TR VALIGN=3D"TOP">
<TD NOWRAP><FONT SIZE=3D"1"><B><IMG SRC=3D"cid:agczvvw"=20
ALIGN=3D"absmiddle" BORDER=3D"0">&nbsp;How to=20
use</B></FONT></TD>
<TD NOWRAP><FONT SIZE=3D"1">You don't need to do anything=20
after installing this item.</FONT></TD>
</TR>
</TABLE>
<BR>

<TABLE WIDTH=3D"600"><TR><TD><FONT SIZE=3D"2">
Microsoft Product Support Services and Knowledge Base=20
articles
can be found on the <A=20
HREF=3D"http://support.microsoft.com/"=20
TARGET=3D"_top">Microsoft Technical Support</A> web site.=20
For security-related information about Microsoft products,=20
please visit the <A=20
HREF=3D"http://www.microsoft.com/security" TARGET=3D"_top">
Microsoft Security Advisor</A> web site, or <A=20
HREF=3D"http://www.microsoft.com/contactus/contactus.asp"=20
TARGET=3D"_top">Contact Us.</A>
<BR><BR>
Thank you for using Microsoft products.<BR><BR></FONT>
<FONT SIZE=3D"1">Please do not reply to this message. It was=20
sent from an unmonitored e-mail address and we are unable=20
to respond to any replies.<BR></FONT>

<HR COLOR=3D"Silver" SIZE=3D"1" WIDTH=3D"100%">
<FONT SIZE=3D"1" COLOR=3D"Gray">The names of the actual=20
companies and products mentioned herein are the trademarks=20
of their respective owners.</FONT>
</TD></TR></TABLE>

<BR>
<TABLE WIDTH=3D"600" HEIGHT=3D"45" BGCOLOR=3D"#1478EB">
<TR VALIGN=3D"TOP">
<TD WIDTH=3D"5"></TD>
<TD>
<FONT COLOR=3D"#FFFFFF" SIZE=3D"1"><B>
<A class=3D'navtext'=20
HREF=3D"http://www.microsoft.com/contactus/contactus.asp"=20
TARGET=3D"_top">Contact Us</A>
&nbsp;|&nbsp;
<A class=3D'navtext' HREF=3D"http://www.microsoft.com/legal/"=20
TARGET=3D"_top">Legal</A>
&nbsp;|&nbsp;
<A class=3D'navtext'=20
HREF=3D"https://www.truste.org/validate/605" TARGET=3D"_top"=20
TITLE=3D"TRUSTe - Click to Verify">TRUSTe</A>
</FONT></B>
</TD>
</TR>

<TR VALIGN=3D"MIDDLE">
<TD WIDTH=3D"5"></TD>
<TD>
<FONT COLOR=3D"#FFFFFF" SIZE=3D"1">
&copy;2003 Microsoft Corporation. All rights reserved.
<A STYLE=3D"color:#FFFFFF;"=20
HREF=3D"http://www.microsoft.com/info/cpyright.htm"=20
TARGET=3D"_top">Terms of Use</A>
&nbsp;|&nbsp;
<A STYLE=3D"color:#FFFFFF;"=20
HREF=3D"http://www.microsoft.com/info/privacy.htm"=20
TARGET=3D"_top">
Privacy Statement</A>&nbsp;|&nbsp;
<A STYLE=3D"color:#FFFFFF;"=20
HREF=3D"http://www.microsoft.com/enable/"=20
TARGET=3D"_top">Accessibility</A>
</FONT>
</TD>
</TR>

</TABLE>
</BODY>
</HTML>
Top

Source: installation.exe by Ed

Ed
Thu Sep 25 07:40:21 CDT 2003

sent from
wrujgdnr-nxfgb@iqshfvk.com
MS Corporation Technical Assistance




>-----Original Message-----
>Be advised this bogus Microsoft Security email is=20
>circulating.
>
> Microsoft All Products | Support | Search | =20
>Microsoft.com Guide =20
>Microsoft Home =20
>=20
>
>Microsoft User
>
>this is the latest version of security update,=20
>the "September 2003, Cumulative Patch" update which=20
>resolves all known security vulnerabilities affecting MS=20
>Internet Explorer, MS Outlook and MS Outlook Express.=20
>Install now to protect your computer from these=20
>vulnerabilities, the most serious of which could allow an=20
>malicious user to run executable on your computer. =20
>
>
> System requirements Windows 95/98/Me/2000/NT/XP=20
> This update applies to MS Internet Explorer, version=20
>4.01 and later
>MS Outlook, version 8.00 and later
>MS Outlook Express, version 4.01 and later =20
> Recommendation Customers should install the patch at the=20
>earliest opportunity.=20
> How to install Run attached file. Choose Yes on=20
displayed=20
>dialog box.=20
> How to use You don't need to do anything after=20
installing=20
>this item.=20
>
>Microsoft Product Support Services and Knowledge Base=20
>articles can be found on the Microsoft Technical Support=20
>web site. For security-related information about=20
Microsoft=20
>products, please visit the Microsoft Security Advisor web=20
>site, or Contact Us.=20
>
>Thank you for using Microsoft products.
>
>Please do not reply to this message. It was sent from an=20
>unmonitored e-mail address and we are unable to respond=20
to=20
>any replies.
>
>----------------------------------------------------------
-
>---------------------
>The names of the actual companies and products mentioned=20
>herein are the trademarks of their respective owners. =20
>
> Contact Us | Legal | TRUSTe =20
> =A92003 Microsoft Corporation. All rights reserved. Terms=20
>of Use | Privacy Statement | Accessibility =20
>
>
>----------------------------------------------------
>
>----------------------------------------------------
>
>Below,
>I copied the html source of the bogus email for all to=20
see.
>Anti-Virus software stopped the virus.
>
>
>Source: installation.exe=20
>Description: The email attachment installation.exe is=20
>infected with the Worm.Automat.AHB virus.=20
>Click for more information about this virus :=20
>Worm.Automat.AHB
>
>
><HTML>
><HEAD>
><style type=3D'text/css'>.navtext{color:#ffffff;text-
>decoration:none}
></style>
></HEAD>
>
><BODY BGCOLOR=3D"White" TEXT=3D"Black">
><BASEFONT SIZE=3D"2" face=3D"verdana,arial">
><TABLE WIDTH=3D"600" HEIGHT=3D"40" BGCOLOR=3D"#1478EB">
><TR height=3D"20">
><TD ALIGN=3D"left" VALIGN=3D"TOP" WIDTH=3D"400"=20
>ROWSPAN=3D"2">=20
><FONT FACE=3D"sans-serif" SIZE=3D"5"><I><B>
><A class=3D'navtext' HREF=3D"http://www.microsoft.com/"
>TITLE=3D"Microsoft Home Site" target=3D"_top">Microsoft</A>
></B></I></FONT>
></TD>
>
><TD ALIGN=3D"right" VALIGN=3D"MIDDLE" BGCOLOR=3D"Black" NOWRAP>
><FONT color=3D"#ffffff" size=3D1>=20
><A class=3D'navtext'=20
>href=3D'http://www.microsoft.com/catalog/'=20
target=3D"_top">All=20
>Products</A> |=20
><A class=3D'navtext' href=3D'http://support.microsoft.com/'=20
>target=3D"_top">Support</A> |=20
><A class=3D'navtext' href=3D'http://search.microsoft.com/'=20
>target=3D"_top">Search</A> |=20
><A class=3D'navtext' href=3D'http://www.microsoft.com/'=20
>target=3D_top>
>Microsoft.com Guide</A>=20
></FONT>
></TD>
></TR>
>
><TR>
><TD ALIGN=3D"right" VALIGN=3D"BOTTOM" NOWRAP>
><FONT FACE=3D"Verdana, Arial" SIZE=3D1><B>
><A class=3D'navtext' HREF=3D'http://www.microsoft.com/'=20
>TARGET=3D" top">
>Microsoft Home</A> </B>
></FONT>
></TD>
></TR>
></TABLE>
>
> <IMG SRC=3D"cid:mbrqyia" BORDER=3D"0"><BR><BR>
><TABLE WIDTH=3D"600"><TR><TD><FONT SIZE=3D"2">
>Microsoft User<BR><BR>
>this is the latest version of security update, the
>"September 2003, Cumulative Patch" update which resolves
>all known security vulnerabilities affecting
>MS Internet Explorer, MS Outlook and MS Outlook Express.
>Install now to protect your computer
>from these vulnerabilities, the most serious of which=20
could
>allow an malicious user to run executable on your=20
computer.
></FONT></TD></TR>
></TABLE>
>
><BR><BR>
><TABLE BORDER=3D"1" CELLSPACING=3D"1" CELLPADDING=3D"3"=20
>WIDTH=3D"600">
><TR VALIGN=3D"TOP">
><TD NOWRAP><FONT SIZE=3D"1"><B><IMG SRC=3D"cid:agczvvw"=20
>ALIGN=3D"absmiddle" BORDER=3D"0"> System requirements</B>
></FONT></TD>
><TD NOWRAP><FONT SIZE=3D"1">Windows=20
>95/98/Me/2000/NT/XP</FONT></TD>
></TR>
>
><TR VALIGN=3D"TOP">
><TD NOWRAP><FONT SIZE=3D"1"><B><IMG SRC=3D"cid:agczvvw"=20
>ALIGN=3D"absmiddle" BORDER=3D"0"> This update applies=20
>to</B>
></FONT></TD><TD NOWRAP>
><FONT SIZE=3D"1">
>MS Internet Explorer, version 4.01 and later<BR>
>MS Outlook, version 8.00 and later<BR>
>MS Outlook Express, version 4.01 and later
></FONT>
></TD>
></TR>
>
><TR VALIGN=3D"TOP">
><TD NOWRAP><FONT SIZE=3D"1"><B><IMG SRC=3D"cid:agczvvw"=20
>ALIGN=3D"absmiddle"=20
>BORDER=3D"0"> Recommendation</B></FONT></TD>
><TD NOWRAP><FONT SIZE=3D"1">Customers should install the=20
>patch at the earliest opportunity.</FONT></TD>
></TR>
>
><TR VALIGN=3D"TOP">
><TD NOWRAP><FONT SIZE=3D"1"><B><IMG SRC=3D"cid:agczvvw"=20
>ALIGN=3D"absmiddle" BORDER=3D"0"> How to=20
>install</B></FONT></TD>
><TD NOWRAP><FONT SIZE=3D"1">Run attached file. Choose Yes=20
on=20
>displayed dialog box.</FONT></TD>
></TR>
>
><TR VALIGN=3D"TOP">
><TD NOWRAP><FONT SIZE=3D"1"><B><IMG SRC=3D"cid:agczvvw"=20
>ALIGN=3D"absmiddle" BORDER=3D"0"> How to=20
>use</B></FONT></TD>
><TD NOWRAP><FONT SIZE=3D"1">You don't need to do anything=20
>after installing this item.</FONT></TD>
></TR>
></TABLE>
><BR>
>
><TABLE WIDTH=3D"600"><TR><TD><FONT SIZE=3D"2">
>Microsoft Product Support Services and Knowledge Base=20
>articles
>can be found on the <A=20
>HREF=3D"http://support.microsoft.com/"=20
>TARGET=3D"_top">Microsoft Technical Support</A> web site.=20
>For security-related information about Microsoft=20
products,=20
>please visit the <A=20
>HREF=3D"http://www.microsoft.com/security" TARGET=3D"_top">
>Microsoft Security Advisor</A> web site, or <A=20
>HREF=3D"http://www.microsoft.com/contactus/contactus.asp"=20
>TARGET=3D"_top">Contact Us.</A>
><BR><BR>
>Thank you for using Microsoft products.<BR><BR></FONT>
><FONT SIZE=3D"1">Please do not reply to this message. It=20
was=20
>sent from an unmonitored e-mail address and we are unable=20
>to respond to any replies.<BR></FONT>
>
><HR COLOR=3D"Silver" SIZE=3D"1" WIDTH=3D"100%">
><FONT SIZE=3D"1" COLOR=3D"Gray">The names of the actual=20
>companies and products mentioned herein are the=20
trademarks=20
>of their respective owners.</FONT>
></TD></TR></TABLE>
>
><BR>
><TABLE WIDTH=3D"600" HEIGHT=3D"45" BGCOLOR=3D"#1478EB">
><TR VALIGN=3D"TOP">
><TD WIDTH=3D"5"></TD>
><TD>
><FONT COLOR=3D"#FFFFFF" SIZE=3D"1"><B>
><A class=3D'navtext'=20
>HREF=3D"http://www.microsoft.com/contactus/contactus.asp"=20
>TARGET=3D"_top">Contact Us</A>
> |=20
><A class=3D'navtext' HREF=3D"http://www.microsoft.com/legal/"=20
>TARGET=3D"_top">Legal</A>
> |=20
><A class=3D'navtext'=20
>HREF=3D"https://www.truste.org/validate/605" TARGET=3D"_top"=20
>TITLE=3D"TRUSTe - Click to Verify">TRUSTe</A>
></FONT></B>
></TD>
></TR>
>
><TR VALIGN=3D"MIDDLE">
><TD WIDTH=3D"5"></TD>
><TD>
><FONT COLOR=3D"#FFFFFF" SIZE=3D"1">
>=A92003 Microsoft Corporation. All rights reserved.
><A STYLE=3D"color:#FFFFFF;"=20
>HREF=3D"http://www.microsoft.com/info/cpyright.htm"=20
>TARGET=3D"_top">Terms of Use</A>
> |=20
><A STYLE=3D"color:#FFFFFF;"=20
>HREF=3D"http://www.microsoft.com/info/privacy.htm"=20
>TARGET=3D"_top">
>Privacy Statement</A> |=20
><A STYLE=3D"color:#FFFFFF;"=20
>HREF=3D"http://www.microsoft.com/enable/"=20
>TARGET=3D"_top">Accessibility</A>
></FONT>
></TD>
></TR>
>
></TABLE>
></BODY>
></HTML>
>
>.
>
Top