| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 20638 | 2002-06-09 07:43:00 | Why would M/Soft send me a patch? | Guest (0) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 53418 | 2002-06-09 07:43:00 | Hi people, This was sent to me today. Is is legit? Here is the return path, with the message below. Return-path: <rosco.6p@xtra.co.nz> Received: from fep7 (mx1.clear.net.nz [203.97.33.28]) by local-daemon (CLEAR Net Mail) with ESMTP id <0GXC00DT2UV8VD@local-daemon> for bicycle@ims-ms-daemon (ORCPT bicycle@clear.net.nz); Sat, 08 Jun 2002 09:40:20 +1200 (NZST) Received: from mta1-rme.xtra.co.nz (mta1-rme.xtra.co.nz [210.86.15.129]) by mx1.clear.net.nz (CLEAR Net Mail) with ESMTP id <0GXC006O0UV6BX@mx1.clear.net.nz> for bicycle@clear.net.nz; Sat, 08 Jun 2002 09:40:18 +1200 (NZST) Received: from p****ie ([210.86.46.253]) by mta1-rme.xtra.co.nz with SMTP id <20020607214016.SOXA19702.mta1-rme.xtra.co.nz@p****ie>; Sat, 08 Jun 2002 09:40:16 +1200 Date: Sat, 08 Jun 2002 09:40:17 +1200 From: Microsoft Corporation Security Center <rdquest12@microsoft.com> Subject: Internet Security Update X-Envelope-To: bicycle@clear.net.nz To: Microsoft Customer <'customer@yourdomain.com'> Reply-to: rdquest12@microsoft.com Message-id: <20020607214016.SOXA19702.mta1-rme.xtra.co.nz@p****ie> MIME-version: 1.0 Content-type: multipart/mixed; boundary=NextPart_000235 Microsoft Customer, this is the latest version of security update, the '4 Jun 2002 Cumulative Patch' update which eliminates all known security vulnerabilities affecting Internet Explorer and MS Outlook/Express as well as six new vulnerabilities, and is discussed in Microsoft Security Bulletin MS02-005. Install now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run code on your computer. Description of several well-know vulnerabilities: - 'Incorrect MIME Header Can Cause IE to Execute E-mail Attachment' vulnerability. If a malicious user sends an affected HTML e-mail or hosts an affected e-mail on a Web site, and a user opens the e-mail or visits the Web site, Internet Explorer automatically runs the executable on the user's computer. - A vulnerability that could allow an unauthorized user to learn the location of cached content on your computer. This could enable the unauthorized user to launch compiled HTML Help (.chm) files that contain shortcuts to executables, thereby enabling the unauthorized user to run the executables on your computer. - A new variant of the 'Frame Domain Verification' vulnerability could enable a malicious Web site operator to open two browser windows, one in the Web site's domain and the other on your local file system, and to pass information from your computer to the Web site. - CLSID extension vulnerability. Attachments which end with a CLSID file extension do not show the actual full extension of the file when saved and viewed with Windows Explorer. This allows dangerous file types to look as though they are simple, harmless files - such as JPG or WAV files - that do not need to be blocked. System requirements: Versions of Windows no earlier than Windows 95. This update applies to: Versions of Internet Explorer no earlier than 4.01 Versions of MS Outlook no earlier than 8.00 Versions of MS Outlook Express no earlier than 4.01 How to install Run attached file q216309.exe How to use You don't need to do anything after installing this item. For more information about these issues, read Microsoft Security Bulletin MS02-005, or visit link below. www.microsoft.com If you have some questions about this article contact us at rdquest12@microsoft.com Thank you for using Microsoft products. With friendly greetings, MS Internet Security Center. ---------------------------------------- ---------------------------------------- Microsoft is registered trademark of Microsoft Corporation. Windows and Outlook are trademarks of Microsoft Corporation. |
Guest (0) | ||
| 53419 | 2002-06-09 07:51:00 | The file is a VIRUS (W32.Gibe@mm) do not install it, delete it. Do you run an up to date virus checker? If not you may consider it essential as this virus can not only cause problems for you PC but is capable of being sent from your PC to others, without your knowledge. (Thats how you got it) Looks like in your case it came from rosco.6p@xtra.co.nz, if you know who this is please let them know. tj |
Guest (0) | ||
| 53420 | 2002-06-09 08:20:00 | Microsoft *never* send patches. Even when you get one through PSS they direct you to an FTP site and password the .zip file. It is a virus. Delete it. |
Guest (0) | ||
| 53421 | 2002-06-09 10:01:00 | Lets have a think about this one... Do you really think microsoft values your paying them as much as you do to send a security patch by email?? No. It is hard enough to even get microsoft to admit their product have bugs, let alone get them to fix them, and to have them actually send you the fix would be unheard of!! |
Guest (0) | ||
| 53422 | 2002-06-09 10:08:00 | Return-path: <rosco.6p@xtra.co.nz> Received: from fep7 (mx1.clear.net.nz [203.97.33.28]) That bit there from the top of your headers is a bit of a give away that it did not come from M$, roscco.6p@xtra not=M$!!! If you happen to know 'rosco' best let him/her/it know that 'p****ie' (rosco's computer) has the dreaded lurg! |
Guest (0) | ||
| 53423 | 2002-06-09 12:44:00 | Hi Berys Yes its a virus.Delete and Block sender.Messages/block sender (outlook) Check your antivirus to alert you and scan incoming emails |
Guest (0) | ||
| 53424 | 2002-06-09 20:44:00 | It is a virus, MS never sends out patches let alone information about patches. Since you know who the sender is <rosco.6p@xtra.co.nz> if it is someone you know, contact them and tell them to do a virus scan and why. If the person is unknown to you contact xtra on abuse@xtra.co.nz and give them everything you gave in this post so they can look into it. |
Guest (0) | ||
| 53425 | 2002-06-10 03:32:00 | Thanks for the replys. Have sent on to xtra. Yes I have virus software, and when I looked into it further, Norton had quarantined the file. Didn't realise this before I posted, because I never open attachment from people I don't know. This is the best site on the web. Thanks again for your help. |
Guest (0) | ||
| 53426 | 2002-06-10 04:12:00 | Ye4s it's a virus. The other absolutely certain fact is that 'rosco@xtra.co.nz' never sent it. | Guest (0) | ||
| 1 | |||||