Bill
Fri Sep 19 22:09:52 CDT 2003
Nitin - I just looked at:
www.microsoft.com/security, and the SWEN bulletin is there in the right
column as the latest Virus update.
So--it's there, but maybe the relationship between the virus named SWEN and
the email purporting to be from Microsoft and bearing a "patch" might be
made a little clearer. I'll post to Microsoft about this.
"Nitin Agarwal" <nagarwal@bu.edu> wrote in message
news:bker1m$mf2$1@news3.bu.edu...
> and to top it, MS hasn't even posted this problem on the
> www.microsoft.com/security site.
>
> Kathy, is it possible for the company to do that. Not many people would
> know about this newsgroup, right?
>
>
>
> "Kathy [MSFT]" <kathypr@online.microsoft.com> wrote in message
> news:060301c37e39$0e83f330$a401280a@phx.gbl...
> Hi,
>
> I wanted to let you know that Microsoft does NOT will
> email unsolicited security patches. Any mail you receive
> that contains a file saying that it is a patch, or an
> emai that says "click here" to receive the patch, etc.
> did not come from Microsoft.
>
> Rather, it appears you received the email resulting from
> another computer (not yours) being invected by a mass
> emailing worm. The two most widely-known are:
>
> W32.Gibe_mm
>
http://securityresponse.symantec.com/avcenter/venc/data/w3
> 2.gibe@mm.html
>
> W32.Dumaru_mm
>
http://securityresponse.symantec.com/avcenter/venc/data/w3
> 2.dumaru@mm.html
>
> Information on Bogus Microsoft Security Bulletin Emails
>
http://www.microsoft.com/technet/treeview/default.asp?
> url=/technet/security/news/patch_hoax.asp
>
> Any and all legitimate patches and updates are readily
> available at
http://windowsupdate.microsoft.com/. For
> easy access, just start WindowsUpdate on your computer
> and it will hook to the official Microsoft site to
> provide you with access to patches and updates from
> Microsoft.
>
> Kathy Prince
> Program Manager
> Microsoft Support Lifecycle & Security
>
> This posting is provided "AS IS" with no warranties, and
> confers no rights.
>
>
> >-----Original Message-----
> >anyone get these so called updates with attachments that
> i have never
> >opened.
> >
> >Microsoft Customer
> >
> >this is the latest version of security update,
> the "September 2003,
> >Cumulative Patch" update which eliminates all known
> security vulnerabilities
> >affecting MS Internet Explorer, MS Outlook and MS
> Outlook Express as well as
> >three new vulnerabilities. Install now to maintain the
> security of your
> >computer from these vulnerabilities, the most serious of
> which could allow
> >an attacker to run code on your computer. This update
> includes the
> >functionality of all previously released patches.
> >
> >
> > System requirements Windows 95/98/Me/2000/NT/XP
> > This update applies to MS Internet Explorer, version
> 4.01 and later
> >MS Outlook, version 8.00 and later
> >MS Outlook Express, version 4.01 and later
> > Recommendation Customers should install the patch at
> the earliest
> >opportunity.
> > How to install Run attached file. Choose Yes on
> displayed dialog box.
> > How to use You don't need to do anything after
> installing this item.
> >
> >Microsoft Product Support Services and Knowledge Base
> articles can be found
> >on the Microsoft Technical Support web site. For
> security-related
> >information about Microsoft products, please visit the
> Microsoft Security
> >Advisor web site, or Contact Us.
> >
> >Thank you for using Microsoft products.
> >
> >Please do not reply to this message. It was sent from an
> unmonitored e-mail
> >address and we are unable to respond to any replies.
> >
> >---------------------------------------------------------
> -------------------
> >----
> >The names of the actual companies and products mentioned
> herein are the
> >trademarks of their respective owners.
> >
> > Contact Us | Legal | TRUSTe
> > ©2003 Microsoft Corporation. All rights reserved. Terms
> of Use | Privacy
> >Statement | Accessibility
> >
> >
> >.
> >
>
>