Bogus Microsoft Update Contains VIRUS

  • Thread starter Thread starter Marc Krigel
  • Start date Start date
M

Marc Krigel

Somebody should let Microsoft know that a very real
looking email note is circulating, purportedly coming
from "MS Program Security Division"
<[email protected]>.

The virus WORM_SWEN.A in file upgrade26.exe which is
attached to the "Latest Net Update" email note.

The note looks official (e.g., from Microsoft) complete
with links and logos.


Marc
 
Microsoft has already announced publicly that they NEVER send updates via
email. What else can they do?

-JasonW
 
How about not allowing unscrupulous persons to
"spoof" their email addy or web addy?!?!?

They have all the security protocols, they should be able
to prevent this from happening!
 
How can you stop someone from spoofing your web site? its not possible
unless you physically go to there machine and stop them. Its just not
possible. Some common sense would help if people would pay attention to
major broadcasts by security companies or Microsoft. If they don't know what
the update is, why are they ignorant and just place it on there machine?
Common sense is all that is needed.
 
agreed, what else can you do..

Mark said:
How can you stop someone from spoofing your web site? its not possible
unless you physically go to there machine and stop them. Its just not
possible. Some common sense would help if people would pay attention to
major broadcasts by security companies or Microsoft. If they don't know what
the update is, why are they ignorant and just place it on there machine?
Common sense is all that is needed.
Click to expand...
 
Hi,

I received this mail today as well. It looks VERY real.
However, I want to stress that Microsoft does NOT will
email unsolicited security patches. Any mail you receive
that contains a file saying that it is a patch, or an
emai that says "click here" to receive the patch, etc.
did not come from Microsoft.

Rather, it appears you received the email resulting from
another computer (not yours) being invected by a mass
emailing worm. The two most widely-known are:

W32.Gibe_mm
http://securityresponse.symantec.com/avcenter/venc/data/w3
(e-mail address removed)

W32.Dumaru_mm
http://securityresponse.symantec.com/avcenter/venc/data/w3
(e-mail address removed)

Information on Bogus Microsoft Security Bulletin Emails
http://www.microsoft.com/technet/treeview/default.asp?
url=/technet/security/news/patch_hoax.asp

Any and all legitimate patches and updates are readily
available at http://windowsupdate.microsoft.com/. For
easy access, just start WindowsUpdate on your computer
and it will hook to the official Microsoft site to
provide you with access to patches and updates from
Microsoft.

Kathy Prince
Program Manager
Microsoft Support Lifecycle & Security

This posting is provided "AS IS" with no warranties, and
confers no rights.
 
Back
Top