Ms mailing me to run New Critical Pack?!

[jacob]

Hi,
i've just received a mail from 'MS Corp Security Section', with the
subject "New Critical pack", and an exe file- 'Upgrade111.exe'.
it states that this is the latest version of security update, and i
should run it (?!)
the msg looks *very* convincing and reliable. is it Ms policy to
send updates by mail, or is it some malicious mail?

 

[Gary]

Microsoft NEVER will send a e-mail like this.

 

[Carey Frisch [MVP]]

Delete the bogus email message immediately!
Microsoft never sends email with security update
attachments!

How to tell whether a Microsoft security-related e-mail message is genuine
http://www.microsoft.com/athome/security/email/ms_genuine_mail.mspx

--
Carey Frisch
Microsoft MVP
Windows Shell/User

----------------------------------------------------------------------------------------------------

:

| Hi,
| i've just received a mail from 'MS Corp Security Section', with the
| subject "New Critical pack", and an exe file- 'Upgrade111.exe'.
| it states that this is the latest version of security update, and i
| should run it (?!)
| the msg looks *very* convincing and reliable. is it Ms policy to
| send updates by mail, or is it some malicious mail?
| ------
| jacob

 

[Jared Foster]

Microsoft doesn't email such message...I receieved a similar one about a
week ago, and I agree...it looked convincing. Delete it.

 

[Anando [MS-MVP]]

Jacob,

That is a virus/trojan sent to you by spammers. Microsoft never sends critical updates though
emails.

--

Anando
Microsoft MVP- Windows Shell/User
http://www.microsoft.com/mvp
http://www.mvps.org


Folder customizations
http://newdelhi.sancharnet.in/minku

Protect your PC!
http://www.microsoft.com/protect

 

[Ken Blake, MVP]

i've just received a mail from 'MS Corp Security Section', with the
subject "New Critical pack", and an exe file- 'Upgrade111.exe'.
it states that this is the latest version of security update, and i
should run it (?!)
the msg looks *very* convincing and reliable. is it Ms policy to
send updates by mail, or is it some malicious mail?

The latter. Microsoft *never* sends updates by E-mail. What you have is not
from Microsoft and is almost guaranteed to be a virus or trojan.

 

[Rock]

Hi,
i've just received a mail from 'MS Corp Security Section', with the
subject "New Critical pack", and an exe file- 'Upgrade111.exe'.
it states that this is the latest version of security update, and i
should run it (?!)
the msg looks *very* convincing and reliable. is it Ms policy to
send updates by mail, or is it some malicious mail?

No, MS does not send security update files in email. They do have a
security bulletin notification service if you request it, but even with
that files are not sent.

 

[Cliff Wild]

Hi,
i've just received a mail from 'MS Corp Security Section', with the
subject "New Critical pack", and an exe file- 'Upgrade111.exe'.
it states that this is the latest version of security update, and i
should run it (?!)
the msg looks *very* convincing and reliable. is it Ms policy to
send updates by mail, or is it some malicious mail?

Well, I for one say, just send it back.

CW

 

[Plato]

Set your email client to plain text only. If you cant read the email,
its bad.

 

[Talahasee]

Hi,
i've just received a mail from 'MS Corp Security Section', with the
subject "New Critical pack", and an exe file- 'Upgrade111.exe'.
it states that this is the latest version of security update, and i
should run it (?!)
the msg looks *very* convincing and reliable. is it Ms policy to
send updates by mail, or is it some malicious mail?

I happen to live some 30 minutes from the Microsoft campus,
and so Microsoft news is "local news".



Microsoft answered this exact question several years ago.

Except for very specific, HIGH END (high paying) clients,
(as someone mentioned yesterday)

for us 'average joes" who use XP and other Microsoft
products, Microsoft's policy, announced several years ago,
is that


Microsoft

_NEVER_ sends clients e-mails of ANY kind.



If you have e-mails "from Microsoft" in your in-box,

delete them;

do not open them.

They are viruses, or malware, or both.

I repeat,


Microsoft


NEVER sends clients e-mails of ANY kind.

UNLESS you are on "the list"; and if you ARE "on the list",
you'll know.

Your asking this question is all the indication you need
that you "are not on "the list".


Good luck!


Tallahassee

 

[Talahasee]

Well, I for one say, just send it back.

lol!!

rotflmao!!

lol!!

chuckle.

cough

Good luck!


Tallahassee

 

[Tom [Pepper] Willett]

That's misleading. Many of us have subscribed to MS to send us
notifications, such as security updates, etc. I ALWAYS receive legitimate
emails from MS, because I have asked for it. They do not send attachments.

Tom

 

[Don Taylor]

Well, I for one say, just send it back.

I report every one of those received, back to the best abuse address
for the domain it was sent from. This is Swen virus. It forges the
"From" but it does not forge the domain name it was sent from.

56912 Swen virus received and reported since the outbreak started.
(Yes the reporting system is now almost entirely automated, I just
have to do a quick glance at the list before it sends them off)

"Top Ten" swen mailers, along with how many they sent me, but most
have now pretty much cleaned up their act and it is just the rare
outbreak that sends some of these now.

ntlworld.com 951
dion.ne.jp 1178
swip.net 1395
online.no 1538
bigpond.com 1634
btinternet.com 1695
wanadoo.fr 1710
hetnet.nl 2039
tin.it 2319
And the winner is...
tiscali.it 3493 Swen virus mailed from their domain to me personally.

I do sometimes agree to do virus reporting for folks, BUT we need
to discuss this before you start sending them to me, otherwise the
automated virus cannon will believe you are responsible and start
blasting reports back at your provider.

 

[Bruce Chambers]

Hi,
i've just received a mail from 'MS Corp Security Section', with the
subject "New Critical pack", and an exe file- 'Upgrade111.exe'.
it states that this is the latest version of security update, and i
should run it (?!)
the msg looks *very* convincing and reliable. is it Ms policy to
send updates by mail, or is it some malicious mail?

What you're receiving is most likely the output of a computer
infected by one of several widely publicized, wide-spread, mass emailing
worms. The virus' authors have deliberately spoofed the Microsoft
information in the hopes of garnering more victims. This sort of email
has been very common for past few years. Some of the most widely-known are:

W32.Swen.A_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Dumaru_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Gibe_mm
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

Trojan.Xombe
http://www.symantec.com/avcenter/venc/data/trojan.xombe.html

Microsoft never has, does not currently, and very probably never
will email unsolicited security patches. At the most, if, and only if,
you subscribe to their security notification newsletter, they will send
you an email informing you that a new patch is available for downloading.

Microsoft Policies on Software Distribution
http://www.microsoft.com/technet/treeview/?url=/technet/security/policy/swdist.asp

Information on Bogus Microsoft Security Bulletin Emails
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

How to Tell If a Microsoft Security-Related Message Is Genuine
http://www.microsoft.com/security/antivirus/authenticate_mail.asp

Remember, any and all legitimate patches and updates are readily
available at http://windowsupdate.microsoft.com/. You should develop
the habit of checking this site at least once a month to keep your
computer up-to-date. (Notice that this is the true URL, rather than the
bogus one that may have been contained in the email you received.) Any
messages that point to any other source(s) or claim to have the patch
attached are bogus.

You're receiving these emails because your email address is in
the address book of someone infected with a worm, and/or because you
posted your real email address somewhere on-line, either in a forum
accessible to the public and spambots, such as Usenet, or on an
untrustworthy web site that subsequently sold your address as part of a
mailing list. One thing you can do is notify _everyone_ with whom
you've ever corresponded via email that one or more of them may be
infected with a mass emailing worm, and should take the appropriate
steps. You can also ask your ISP to take steps to preclude their mail
server from passing on such emails. Many ISPs have such filtering
capabilities.


--

Bruce Chambers

Help us help you:



They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin

Is life so dear or peace so sweet as to be purchased at the price of
chains and slavery? .... I know not what course others may take, but as
for me, give me liberty, or give me death! -Patrick Henry

 

[Jim Macklin]

Microsoft NEVER emails attachments, it is a virus, delete
it.



| Hi,
| i've just received a mail from 'MS Corp Security Section',
with the
| subject "New Critical pack", and an exe file-
'Upgrade111.exe'.
| it states that this is the latest version of security
update, and i
| should run it (?!)
| the msg looks *very* convincing and reliable. is it Ms
policy to
| send updates by mail, or is it some malicious mail?
| ------
| jacob
|
|

 

[Ken Blake, MVP]

I happen to live some 30 minutes from the Microsoft campus,
and so Microsoft news is "local news".

Microsoft answered this exact question several years ago.

Except for very specific, HIGH END (high paying) clients,
(as someone mentioned yesterday)

for us 'average joes" who use XP and other Microsoft
products, Microsoft's policy, announced several years ago,
is that Microsoft _NEVER_ sends clients e-mails of ANY kind.

Sorry, regardless of where you live, this is simply untrue. I am *not* a
high-paying client, and I get regular E-mail messages from Microsoft all the
time. *Anybody* can sign up to get these. Hereare a couple of several sites
where you can do so:
http://www.microsoft.com/office/using/newsletter.mspx
http://www.microsoft.com/athome/security/secnews/default.mspx

What Microsoft does not do is send out E-mail messages containing
attachments, but that's a long way from saying "Microsoft _NEVER_ sends
clients e-mails of ANY kind."