Results 1 to 5 of 5

Thread: Email from MS: Is it Legit?

  1. #1
    Member
    Join Date
    Sep 2003
    Location
    Dallas, TX
    Posts
    64

    Email from MS: Is it Legit?

    Hello-

    For reasons that I don't know, I"ve received a plethora of email apparently from MS addressed to: Commerical Customer, Customer, Commercial User, User, MS User, etc The emails have an attachment which is an install***.exe file and the email shows MS logos & has links to MS websites. Text is listed below:

    Is this legitimate? Seems to me MS would normally use the MS Update, rather than send email directly? IF not legit, what is the origin of this hoax? anyone know?

    Comments?

    Scott


    Microsoft All Products | Support | Search | Microsoft.com Guide
    Microsoft Home


    Microsoft User

    this is the latest version of security update, the "September 2003, Cumulative Patch" update which eliminates all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three newly discovered vulnerabilities. Install now to help protect your computer from these vulnerabilities, the most serious of which could allow an malicious user to run executable on your computer. This update includes the functionality of all previously released patches.


    System requirements Windows 95/98/Me/2000/NT/XP
    This update applies to MS Internet Explorer, version 4.01 and later
    MS Outlook, version 8.00 and later
    MS Outlook Express, version 4.01 and later
    Recommendation Customers should install the patch at the earliest opportunity.
    How to install Run attached file. Choose Yes on displayed dialog box.
    How to use You don't need to do anything after installing this item.

    Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact Us.

    Thank you for using Microsoft products.

    Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies.

    --------------------------------------------------------------------------------
    The names of the actual companies and products mentioned herein are the trademarks of their respective owners.

    Contact Us | Legal | TRUSTe
    2003 Microsoft Corporation. All rights reserved. Terms of Use | Privacy Statement | Accessibility
    Core2 2.40GHz, 1066 FSB; MSI 975X Platinum V.2 975X , BIOS 7.5; 4x1GB Corsair DDR2-800; 600W Zalman Heatpipe; 1x250 GB Seagate SATA-2 + 2x750 GB Seagate SATA-2, RAID1 + 1x 750GB Seagate SATA-2; 2x SONY DRU-830A DVD/CD Combo; MSI GeForce 8600 GTS; Samsung 245BW; VISTA-Ultimate

  2. #2
    Head Honcho Administrator Reverend's Avatar
    Join Date
    Apr 2002
    Location
    England
    Posts
    14,045
    It is a virus. Do not run the .exe attachment, and delete the mail straight away.

    More info was posted on our front page on 18th Sept here and in our System Security forum here
    Last edited by Reverend; September 23rd, 2003 at 18:19 PM.

    =========== Please Read The Forum Rules ===========

  3. #3
    Precision Processor Super Moderator egghead's Avatar
    Join Date
    May 2002
    Location
    In Your Monitor
    Posts
    3,546
    Originally posted by Reverend
    It is a virus. Do not run the .exe attachment, and delete the mail straight away.

    More info was posted on our front page on 18th Sept here and in our System Security forum here
    Danger!!!
    http://securityresponse.symantec.com...swen.a@mm.html

    This worm exploits a vulnerability in Microsoft Outlook and Outlook Express in an attempt to execute itself when you open or even preview the message. Information and a patch for the vulnerability can be found at: http://www.microsoft.com/technet/tre...n/MS01-020.asp
    Last edited by egghead; September 23rd, 2003 at 18:46 PM.
    ------------------------------------------------------------



  4. #4
    Member
    Join Date
    Sep 2003
    Location
    Dallas, TX
    Posts
    64

    Thx - No virus on my computer

    Thanks guys!

    Perhaps practicing 'safe computing' pays? I keep Win XP updated and I use IE 6.0 so I guess I was able to avoid attack of the swen virus. I reviewed the links you suggested and ran symantec's swen.a test & was given a clean bill of health. Thx again for saving me some time.

    Scott
    Core2 2.40GHz, 1066 FSB; MSI 975X Platinum V.2 975X , BIOS 7.5; 4x1GB Corsair DDR2-800; 600W Zalman Heatpipe; 1x250 GB Seagate SATA-2 + 2x750 GB Seagate SATA-2, RAID1 + 1x 750GB Seagate SATA-2; 2x SONY DRU-830A DVD/CD Combo; MSI GeForce 8600 GTS; Samsung 245BW; VISTA-Ultimate

  5. #5
    Silver Member joshsiao's Avatar
    Join Date
    Jun 2003
    Location
    Singapore
    Posts
    357
    Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies.
    This sentence WILL immediately imply that its not from Microsoft at all because you will have to reply if you have questions and they Micosoft WILL have to answer them. Its impossible that Micorsoft will ever say this. The sentence structure is also written in a more informal and causal form. Micosoft Inc. as a whole will never write informal sentences. Even if its Bill Gates writting to you alone unless you are his very good friend.

    this is the latest version of security update, the "September 2003, Cumulative Patch" update which eliminates all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three newly discovered vulnerabilities. Install now to help protect your computer from these vulnerabilities, the most serious of which could allow an malicious user to run executable on your computer. This update includes the functionality of all previously released patches.
    This is the main giveaway, never in my life have I ever seen such things claiming that it will patch all vunerabilities because firstly, there is always undiscovered loopholes and secondly, Micosoft's software, especially Windows IS always full of loopholes. Maybe cover all previously found loopholes but never ALL so much so that it makes the program perfect.

    Also, the information given is very vague. Microsoft will never just say its just a September cumulative patch. They will always give the serial number of the patch like Q327979.

    Thank God that I do pay attention during English Lessons. Its become a force of habit to read all my email this way. I am always very cautious of viruses. Good thing you consulted the forums first.
    "Never seem more learnt then the people you are with. Wear your learning like a watch and keep it hidden. Do not pull it out to count the hours, but give the time when you are asked."
    ~Chesterfield

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •