1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Another spoof Microsoft e-mail patch?

Discussion in 'Virus & Other Malware Removal' started by Baby-Bug, Sep 18, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. Baby-Bug

    Baby-Bug Thread Starter

    Joined:
    Jul 18, 2003
    Messages:
    492
    Ok, some of you may remember a few weeks back I posted a thread about recieving a 'Microsoft' e-mail that supposedly included a critical patch with it, it turned at to be the Dumaru virus. Anyway, I have today recieved a new one that goes something like this...

    Sender: Microsoft Coporation Security Center
    Subject: Latest Microsoft Critical Patch

    Content...
    Microsoft Partner

    this is the latest version of security update, the "September 2003, Cumulative Patch" update which fixes all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three newly discovered vulnerabilities. Install now to help protect your computer from these vulnerabilities. This update includes the functionality of all previously released patches.

    System requirements Windows 95/98/Me/2000/NT/XP
    This update applies to MS Internet Explorer, version 4.01 and later
    MS Outlook, version 8.00 and later
    MS Outlook Express, version 4.01 and later
    Recommendation Customers should install the patch at the earliest opportunity.
    How to install Run attached file. Choose Yes on displayed dialog box.
    How to use You don't need to do anything after installing this item.

    Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact Us.

    Thank you for using Microsoft products.

    Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies.


    It then has the following attachment...

    Patch24.exe

    Concerningly, Norton has not detected any problem with it, but I am not as foolish as to believe that big old MS Corp kindly send out Critical Updates via e-mail to minions such as I, therefore should anyone be willing to *investigate* this little attachment I have sat here, let me know.

    I am rather intrigued as to what nasty little thing it might be harbouring!

    regards
     
  2. brindle

    brindle

    Joined:
    Jun 14, 2002
    Messages:
    3,520
    Good for you, M$ will never send you an e-mail.
    searched both google, M$ and Norton turned up nothing.
     
  3. brendandonhu

    brendandonhu

    Joined:
    Jul 8, 2002
    Messages:
    14,681
    Virus. Microsoft does not send updates by email.
     
  4. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    78,417
    First Name:
    Frank
    BabyBug:

    I just posted a warning about it before I saw and read your post. The sender and subject line is slightly different, but it is apparently from the same creep. :mad:

    Frank's Windows 95/98 Tips
     
  5. Flrman1

    Flrman1

    Joined:
    Jul 26, 2002
    Messages:
    46,329
  6. BillC

    BillC

    Joined:
    May 28, 2003
    Messages:
    2,366
  7. jrstark

    jrstark

    Joined:
    Jun 1, 2003
    Messages:
    63
    I am getting swamped with this one, they are all coming from different variants of Microsoft in the from name. Am also getting something else, usually a "returned" mail one that has a smaller size attachment. It tries to run itself when I click on the email. I am not getting the popup box on the "Microsoft" ones.
     
  8. jrstark

    jrstark

    Joined:
    Jun 1, 2003
    Messages:
    63
  9. jrstark

    jrstark

    Joined:
    Jun 1, 2003
    Messages:
    63
    Now I'm getting emails that say this:

    "This message has been processed by Brightmail(TM) Anti-Virus using
    Symantec's Norton AntiVirus Technology.

    variablename.exe was infected with the malicious virus Worm.Automat.AHB and has been deleted because the file cannot be cleaned."

    They do not seem to be infected, file size is much smaller.
     
  10. starman2002

    starman2002

    Joined:
    Jul 10, 2003
    Messages:
    310
    Thanks for the warning about this new threat people.
     
  11. Baby-Bug

    Baby-Bug Thread Starter

    Joined:
    Jul 18, 2003
    Messages:
    492
    Agreed, it seems this morning that I have a dozen or so of both, nasty little so and so's!

    Thanks for the input chaps! ;)

    regards
     
  12. joyoflife

    joyoflife

    Joined:
    Sep 16, 2003
    Messages:
    226
    I am so happy I saw this thread and read it because I am having the same email and didn't know it was a virus...fortunately I suspected because my email is @yahoo so I didn't open or download it....I scanned it with Yahoo's Norton and it didn't say it had a virus....but my email inbox and bulk folder are being swamped with this same "fake" Microsoft patch or update emails!

    But, I am wondering if it gave me the download trojan???

    See my thread: http://forums.techguy.org/showthread.php?s=&threadid=165864
     
  13. Baby-Bug

    Baby-Bug Thread Starter

    Joined:
    Jul 18, 2003
    Messages:
    492
  14. pdesjardins

    pdesjardins

    Joined:
    Jul 3, 2003
    Messages:
    32
    I'm also getting lots of these emails, which are trying to look like returns of emails I have tried to send...

    From: Microsoft Message Storage System [[email protected]]
    Sent: Tuesday, September 23, 2003 4:43 AM
    To: Inet User
    Subject: Failure Report

    Hi.
    I'm afraid I wasn't able to deliver your message to one or more destinations.

    Undelivered message to [email protected]

    Could a trojan be sending them out on my behalf? Any thoughts of what I should look for? I just delete them.
     
  15. flavallee

    flavallee Trusted Advisor

    Joined:
    May 12, 2002
    Messages:
    78,417
    First Name:
    Frank
    All those "failure delivery message" notices with an attachment are most likely viruses, so DON'T be tempted to open any of them.

    If the E-mail addresses listed are valid and known to you and you did send them a message, write these people personally in a NEW message and see if they received your message. If they live locally, just call them.

    Frank's Windows 95/98 Tips
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Similar Threads - Another spoof Microsoft
  1. BrianJones5
    Replies:
    0
    Views:
    298
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/165723

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice