Is this for real or is it a virus?

TheMSsForum.com: The Microsoft Software Forum

I received the following e-mail today and I'm suspicious=20
it's malicious. Could someone advise me how to find out=20
and how to alert others if it is?

From: Internet Security Center=20
To: MS Corporation Partner=20
Sent: Thursday, September 18, 2003 12:19 PM
Subject: Patch


Microsoft All Products | Support | Search | =20
Microsoft.com Guide =20
Microsoft Home =20
=20

Microsoft Partner

this is the latest version of security update,=20
the "September 2003, Cumulative Patch" update which fixes=20
all known security vulnerabilities affecting MS Internet=20
Explorer, MS Outlook and MS Outlook Express as well as=20
three new vulnerabilities. Install now to continue=20
keeping your computer secure from these vulnerabilities,=20
the most serious of which could allow an malicious user=20
to run executable on your system. This update includes=20
the functionality of all previously released patches. =20


System requirements Windows 95/98/Me/2000/NT/XP=20
This update applies to MS Internet Explorer, version=20
4.01 and later
MS Outlook, version 8.00 and later
MS Outlook Express, version 4.01 and later =20
Recommendation Customers should install the patch at the=20
earliest opportunity.=20
How to install Run attached file. Choose Yes on=20
displayed dialog box.=20
How to use You don't need to do anything after=20
installing this item.=20

Microsoft Product Support Services and Knowledge Base=20
articles can be found on the Microsoft Technical Support=20
web site. For security-related information about=20
Microsoft products, please visit the Microsoft Security=20
Advisor web site, or Contact Us.=20

Thank you for using Microsoft products.

Please do not reply to this message. It was sent from an=20
unmonitored e-mail address and we are unable to respond=20
to any replies.

----------------------------------------------------------
----------------------
The names of the actual companies and products mentioned=20
herein are the trademarks of their respective owners. =20

Contact Us | Legal | TRUSTe =20
=A92003 Microsoft Corporation. All rights reserved. Terms=20
of Use | Privacy Statement | Accessibility =20
Top

Re: Is this for real or is it a virus? by Bill

Bill
Thu Sep 18 16:32:03 CDT 2003

This is a virus:

http://www.f-secure.com/v-descs/swen.shtml

http://www.microsoft.com/technet/security/virus/alerts/swen.asp


"David Sanders" <dsanders@consultu.com> wrote in message
news:04e601c37e2a$a697d380$a401280a@phx.gbl...
I received the following e-mail today and I'm suspicious
it's malicious. Could someone advise me how to find out
and how to alert others if it is?

From: Internet Security Center
To: MS Corporation Partner
Sent: Thursday, September 18, 2003 12:19 PM
Subject: Patch


Microsoft All Products | Support | Search |
Microsoft.com Guide
Microsoft Home


Microsoft Partner

this is the latest version of security update,
the "September 2003, Cumulative Patch" update which fixes
all known security vulnerabilities affecting MS Internet
Explorer, MS Outlook and MS Outlook Express as well as
three new vulnerabilities. Install now to continue
keeping your computer secure from these vulnerabilities,
the most serious of which could allow an malicious user
to run executable on your system. This update includes
the functionality of all previously released patches.


System requirements Windows 95/98/Me/2000/NT/XP
This update applies to MS Internet Explorer, version
4.01 and later
MS Outlook, version 8.00 and later
MS Outlook Express, version 4.01 and later
Recommendation Customers should install the patch at the
earliest opportunity.
How to install Run attached file. Choose Yes on
displayed dialog box.
How to use You don't need to do anything after
installing this item.

Microsoft Product Support Services and Knowledge Base
articles can be found on the Microsoft Technical Support
web site. For security-related information about
Microsoft products, please visit the Microsoft Security
Advisor web site, or Contact Us.

Thank you for using Microsoft products.

Please do not reply to this message. It was sent from an
unmonitored e-mail address and we are unable to respond
to any replies.

----------------------------------------------------------
----------------------
The names of the actual companies and products mentioned
herein are the trademarks of their respective owners.

Contact Us | Legal | TRUSTe
©2003 Microsoft Corporation. All rights reserved. Terms
of Use | Privacy Statement | Accessibility


Top

Is this for real or is it a virus? by Julian

Julian
Thu Sep 18 16:37:19 CDT 2003

David,

This is definitely a bogus message. If you read some of=20
the other recent messages in this forum you will see that=20
the geeks think we are stupid for even asking this=20
question !

I am always wary of sending out blanket warning messages=20
about viruses because that kind of causes as much=20
congestion as the purported virus. My advice is to tell=20
your e-mail administrator and let them deal with it.=20
(Don't forget to include the headers from the original=20
message !)

Julian

>-----Original Message-----
>I received the following e-mail today and I'm suspicious=20
>it's malicious. Could someone advise me how to find out=20
>and how to alert others if it is?
>
>From: Internet Security Center=20
>To: MS Corporation Partner=20
>Sent: Thursday, September 18, 2003 12:19 PM
>Subject: Patch
>
>
> Microsoft All Products | Support | Search | =20
>Microsoft.com Guide =20
>Microsoft Home =20
>=20
>
>Microsoft Partner
>
>this is the latest version of security update,=20
>the "September 2003, Cumulative Patch" update which fixes=20
>all known security vulnerabilities affecting MS Internet=20
>Explorer, MS Outlook and MS Outlook Express as well as=20
>three new vulnerabilities. Install now to continue=20
>keeping your computer secure from these vulnerabilities,=20
>the most serious of which could allow an malicious user=20
>to run executable on your system. This update includes=20
>the functionality of all previously released patches. =20
>
>
> System requirements Windows 95/98/Me/2000/NT/XP=20
> This update applies to MS Internet Explorer, version=20
>4.01 and later
>MS Outlook, version 8.00 and later
>MS Outlook Express, version 4.01 and later =20
> Recommendation Customers should install the patch at the=20
>earliest opportunity.=20
> How to install Run attached file. Choose Yes on=20
>displayed dialog box.=20
> How to use You don't need to do anything after=20
>installing this item.=20
>
>Microsoft Product Support Services and Knowledge Base=20
>articles can be found on the Microsoft Technical Support=20
>web site. For security-related information about=20
>Microsoft products, please visit the Microsoft Security=20
>Advisor web site, or Contact Us.=20
>
>Thank you for using Microsoft products.
>
>Please do not reply to this message. It was sent from an=20
>unmonitored e-mail address and we are unable to respond=20
>to any replies.
>
>----------------------------------------------------------
>----------------------
>The names of the actual companies and products mentioned=20
>herein are the trademarks of their respective owners. =20
>
> Contact Us | Legal | TRUSTe =20
> =A92003 Microsoft Corporation. All rights reserved. Terms=20
>of Use | Privacy Statement | Accessibility =20
>
>.
>
Top

Is this for real or is it a virus? by Mike

Mike
Thu Sep 18 16:54:48 CDT 2003

I also received the email and to be honest it looks=20
authentic in every way apart from one. When you click on=20
the attachment and select to open a system message=20
appears stating
The publisher cannot be determined due to the problems=20
below:
Authenticode signature not found.
I suspected that if it had come from Microsoft then their=20
software would recognise it. Therefore, I decide to go to=20
Microsoft's web site and run the windows update scan.=20
This scanned my system and advised that no update was=20
necessary. I think in future I will delete all emails=20
purported to come from MS and carryout regular scans at=20
the MS web site.
Mike
>-----Original Message-----
>David,
>
>This is definitely a bogus message. If you read some of=20
>the other recent messages in this forum you will see=20
that=20
>the geeks think we are stupid for even asking this=20
>question !
>
>I am always wary of sending out blanket warning messages=20
>about viruses because that kind of causes as much=20
>congestion as the purported virus. My advice is to tell=20
>your e-mail administrator and let them deal with it.=20
>(Don't forget to include the headers from the original=20
>message !)
>
>Julian
>
>>-----Original Message-----
>>I received the following e-mail today and I'm=20
suspicious=20
>>it's malicious. Could someone advise me how to find=20
out=20
>>and how to alert others if it is?
>>
>>From: Internet Security Center=20
>>To: MS Corporation Partner=20
>>Sent: Thursday, September 18, 2003 12:19 PM
>>Subject: Patch
>>
>>
>> Microsoft All Products | Support | Search | =20
>>Microsoft.com Guide =20
>>Microsoft Home =20
>>=20
>>
>>Microsoft Partner
>>
>>this is the latest version of security update,=20
>>the "September 2003, Cumulative Patch" update which=20
fixes=20
>>all known security vulnerabilities affecting MS=20
Internet=20
>>Explorer, MS Outlook and MS Outlook Express as well as=20
>>three new vulnerabilities. Install now to continue=20
>>keeping your computer secure from these=20
vulnerabilities,=20
>>the most serious of which could allow an malicious user=20
>>to run executable on your system. This update includes=20
>>the functionality of all previously released patches. =20
>>
>>
>> System requirements Windows 95/98/Me/2000/NT/XP=20
>> This update applies to MS Internet Explorer, version=20
>>4.01 and later
>>MS Outlook, version 8.00 and later
>>MS Outlook Express, version 4.01 and later =20
>> Recommendation Customers should install the patch at=20
the=20
>>earliest opportunity.=20
>> How to install Run attached file. Choose Yes on=20
>>displayed dialog box.=20
>> How to use You don't need to do anything after=20
>>installing this item.=20
>>
>>Microsoft Product Support Services and Knowledge Base=20
>>articles can be found on the Microsoft Technical=20
Support=20
>>web site. For security-related information about=20
>>Microsoft products, please visit the Microsoft Security=20
>>Advisor web site, or Contact Us.=20
>>
>>Thank you for using Microsoft products.
>>
>>Please do not reply to this message. It was sent from=20
an=20
>>unmonitored e-mail address and we are unable to respond=20
>>to any replies.
>>
>>--------------------------------------------------------
--
>>----------------------
>>The names of the actual companies and products=20
mentioned=20
>>herein are the trademarks of their respective owners. =20
>>
>> Contact Us | Legal | TRUSTe =20
>> =A92003 Microsoft Corporation. All rights reserved.=20
Terms=20
>>of Use | Privacy Statement | Accessibility =20
>>
>>.
>>
>.
>
Top

Is this for real or is it a virus? by Kathy

Kathy
Thu Sep 18 18:00:53 CDT 2003

Hi,

I wanted to let you know that Microsoft does NOT will=20
email unsolicited security patches. Any mail you receive=20
that contains a file saying that it is a patch, or an=20
emai that says "click here" to receive the patch, etc.=20
did not come from Microsoft.

Rather, it appears you received the email resulting from=20
another computer (not yours) being invected by a mass=20
emailing worm. The two most widely-known are:

W32.Gibe_mm
http://securityresponse.symantec.com/avcenter/venc/data/w3
2.gibe@mm.html

W32.Dumaru_mm
http://securityresponse.symantec.com/avcenter/venc/data/w3
2.dumaru@mm.html

Information on Bogus Microsoft Security Bulletin Emails
http://www.microsoft.com/technet/treeview/default.asp?
url=3D/technet/security/news/patch_hoax.asp

Any and all legitimate patches and updates are readily=20
available at http://windowsupdate.microsoft.com/. For=20
easy access, just start WindowsUpdate on your computer=20
and it will hook to the official Microsoft site to=20
provide you with access to patches and updates from=20
Microsoft. =20

Kathy Prince
Program Manager
Microsoft Support Lifecycle & Security

This posting is provided "AS IS" with no warranties, and=20
confers no rights.


>-----Original Message-----
>I received the following e-mail today and I'm suspicious=20
>it's malicious. Could someone advise me how to find out=20
>and how to alert others if it is?
>
>From: Internet Security Center=20
>To: MS Corporation Partner=20
>Sent: Thursday, September 18, 2003 12:19 PM
>Subject: Patch
>
>
> Microsoft All Products | Support | Search | =20
>Microsoft.com Guide =20
>Microsoft Home =20
>=20
>
>Microsoft Partner
>
>this is the latest version of security update,=20
>the "September 2003, Cumulative Patch" update which=20
fixes=20
>all known security vulnerabilities affecting MS Internet=20
>Explorer, MS Outlook and MS Outlook Express as well as=20
>three new vulnerabilities. Install now to continue=20
>keeping your computer secure from these vulnerabilities,=20
>the most serious of which could allow an malicious user=20
>to run executable on your system. This update includes=20
>the functionality of all previously released patches. =20
>
>
> System requirements Windows 95/98/Me/2000/NT/XP=20
> This update applies to MS Internet Explorer, version=20
>4.01 and later
>MS Outlook, version 8.00 and later
>MS Outlook Express, version 4.01 and later =20
> Recommendation Customers should install the patch at=20
the=20
>earliest opportunity.=20
> How to install Run attached file. Choose Yes on=20
>displayed dialog box.=20
> How to use You don't need to do anything after=20
>installing this item.=20
>
>Microsoft Product Support Services and Knowledge Base=20
>articles can be found on the Microsoft Technical Support=20
>web site. For security-related information about=20
>Microsoft products, please visit the Microsoft Security=20
>Advisor web site, or Contact Us.=20
>
>Thank you for using Microsoft products.
>
>Please do not reply to this message. It was sent from an=20
>unmonitored e-mail address and we are unable to respond=20
>to any replies.
>
>---------------------------------------------------------
-
>----------------------
>The names of the actual companies and products mentioned=20
>herein are the trademarks of their respective owners. =20
>
> Contact Us | Legal | TRUSTe =20
> =A92003 Microsoft Corporation. All rights reserved. Terms=20
>of Use | Privacy Statement | Accessibility =20
>
>.
>
Top

Re: Is this for real or is it a virus? by heath

heath
Thu Sep 18 22:03:03 CDT 2003

"David Sanders" <dsanders@consultu.com> wrote in message
news:<04e601c37e2a$a697d380$a401280a@phx.gbl>...
> I received the following e-mail today and I'm suspicious
> it's malicious.

You're lucky if you only received one.

I received 60. They all have different To: and Subject: fields.
However, the contents are identical.

Two quick questions:

1. How do I display headers using Outlook Express?
2. Are MS and Microsoft good words for a SPAM filter?

Thanks,

Greg

> Could someone advise me how to find out
> and how to alert others if it is?
>
> From: Internet Security Center
> To: MS Corporation Partner
> Sent: Thursday, September 18, 2003 12:19 PM
> Subject: Patch
>
>
> Microsoft All Products | Support | Search |
> Microsoft.com Guide
> Microsoft Home
>
>
> Microsoft Partner
>
> this is the latest version of security update,
> the "September 2003, Cumulative Patch" update which fixes
> all known security vulnerabilities affecting MS Internet
> Explorer, MS Outlook and MS Outlook Express as well as
> three new vulnerabilities. Install now to continue
> keeping your computer secure from these vulnerabilities,
> the most serious of which could allow an malicious user
> to run executable on your system. This update includes
> the functionality of all previously released patches.
>
>
> System requirements Windows 95/98/Me/2000/NT/XP
> This update applies to MS Internet Explorer, version
> 4.01 and later
> MS Outlook, version 8.00 and later
> MS Outlook Express, version 4.01 and later
> Recommendation Customers should install the patch at the
> earliest opportunity.
> How to install Run attached file. Choose Yes on
> displayed dialog box.
> How to use You don't need to do anything after
> installing this item.
>
> Microsoft Product Support Services and Knowledge Base
> articles can be found on the Microsoft Technical Support
> web site. For security-related information about
> Microsoft products, please visit the Microsoft Security
> Advisor web site, or Contact Us.
>
> Thank you for using Microsoft products.
>
> Please do not reply to this message. It was sent from an
> unmonitored e-mail address and we are unable to respond
> to any replies.
>
> ----------------------------------------------------------
> ----------------------
> The names of the actual companies and products mentioned
> herein are the trademarks of their respective owners.
>
> Contact Us | Legal | TRUSTe
> 2003 Microsoft Corporation. All rights reserved. Terms
> of Use | Privacy Statement | Accessibility
Top

Re: Is this for real or is it a virus? by Bill

Bill
Thu Sep 18 22:55:41 CDT 2003

Right click on the message and choose properties, then Details tab.

"Greg Heath" <heath@alumni.brown.edu> wrote in message
news:cdc178d6.0309181903.642972f@posting.google.com...
> "David Sanders" <dsanders@consultu.com> wrote in message
> news:<04e601c37e2a$a697d380$a401280a@phx.gbl>...
> > I received the following e-mail today and I'm suspicious
> > it's malicious.
>
> You're lucky if you only received one.
>
> I received 60. They all have different To: and Subject: fields.
> However, the contents are identical.
>
> Two quick questions:
>
> 1. How do I display headers using Outlook Express?
> 2. Are MS and Microsoft good words for a SPAM filter?
>
> Thanks,
>
> Greg
>
> > Could someone advise me how to find out
> > and how to alert others if it is?
> >
> > From: Internet Security Center
> > To: MS Corporation Partner
> > Sent: Thursday, September 18, 2003 12:19 PM
> > Subject: Patch
> >
> >
> > Microsoft All Products | Support | Search |
> > Microsoft.com Guide
> > Microsoft Home
> >
> >
> > Microsoft Partner
> >
> > this is the latest version of security update,
> > the "September 2003, Cumulative Patch" update which fixes
> > all known security vulnerabilities affecting MS Internet
> > Explorer, MS Outlook and MS Outlook Express as well as
> > three new vulnerabilities. Install now to continue
> > keeping your computer secure from these vulnerabilities,
> > the most serious of which could allow an malicious user
> > to run executable on your system. This update includes
> > the functionality of all previously released patches.
> >
> >
> > System requirements Windows 95/98/Me/2000/NT/XP
> > This update applies to MS Internet Explorer, version
> > 4.01 and later
> > MS Outlook, version 8.00 and later
> > MS Outlook Express, version 4.01 and later
> > Recommendation Customers should install the patch at the
> > earliest opportunity.
> > How to install Run attached file. Choose Yes on
> > displayed dialog box.
> > How to use You don't need to do anything after
> > installing this item.
> >
> > Microsoft Product Support Services and Knowledge Base
> > articles can be found on the Microsoft Technical Support
> > web site. For security-related information about
> > Microsoft products, please visit the Microsoft Security
> > Advisor web site, or Contact Us.
> >
> > Thank you for using Microsoft products.
> >
> > Please do not reply to this message. It was sent from an
> > unmonitored e-mail address and we are unable to respond
> > to any replies.
> >
> > ----------------------------------------------------------
> > ----------------------
> > The names of the actual companies and products mentioned
> > herein are the trademarks of their respective owners.
> >
> > Contact Us | Legal | TRUSTe
> > 2003 Microsoft Corporation. All rights reserved. Terms
> > of Use | Privacy Statement | Accessibility


Top