MS email "Security Update" ??

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

I received the email shown below with the MS logo, header and links to MS.
The email said to download and install the file: Q267437.exe as the latest
MS cumulative Jan-05 patch.
It was sent by: "MS Customer Services" <ihmkvf@advisor.com>
It was sent to: "Microsoft Corporation User" <user.gaeodlhf@advisor.com>
(not me)

Is this email really from MS? I've never seen MS distribute Windows
security update by email.

Please let me know!
Thanks,
Earl

Here is the email.

Microsoft User

this is the latest version of security update, the "January 2005, Cumulative
Patch" update which resolves all known security vulnerabilities affecting MS
Internet Explorer, MS Outlook and MS Outlook Express. Install now to maintain
the security of your computer from these vulnerabilities, the most serious of
which could allow an attacker to run code on your system. This update
includes the functionality of all previously released patches.


System requirements Windows 95/98/Me/2000/NT/XP
This update applies to MS Internet Explorer, version 4.01 and later
MS Outlook, version 8.00 and later
MS Outlook Express, version 4.01 and later
Recommendation Customers should install the patch at the earliest
opportunity.
How to install Run attached file. Choose Yes on displayed dialog box.
How to use You don't need to do anything after installing this item.

Microsoft Product Support Services and Knowledge Base articles can be found
on the Microsoft Technical Support web site. For security-related information
about Microsoft products, please visit the Microsoft Security Advisor web
site, or Contact Us.

Thank you for using Microsoft products.

Please do not reply to this message. It was sent from an unmonitored e-mail
address and we are unable to respond to any replies.
3 answers Last reply
More about email security update
  1. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Microsoft doesn't distribute security patches this way. Do not touch
    attachments and remove e-mail from your computer. All MS patches and
    updates are on their website which you can get by clicking on Programs
    > Windows Update.
  2. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    You received a bogus email message! Microsoft never
    distributes security updates via email attachments!

    How to Tell If a Microsoft Security-Related Message Is Genuine
    http://www.microsoft.com/security/incident/authenticate_mail.mspx

    --
    Carey Frisch
    Microsoft MVP
    Windows XP - Shell/User


    Be Smart! Protect Your PC!
    http://www.microsoft.com/athome/security/protect/default.aspx

    ----------------------------------------------------------------------------

    "Earl" wrote:

    | I received the email shown below with the MS logo, header and links to MS.
    | The email said to download and install the file: Q267437.exe as the latest
    | MS cumulative Jan-05 patch.
    | It was sent by: "MS Customer Services" <ihmkvf@advisor.com>
    | It was sent to: "Microsoft Corporation User" <user.gaeodlhf@advisor.com>
    | (not me)
    |
    | Is this email really from MS? I've never seen MS distribute Windows
    | security update by email.
    |
    | Please let me know!
    | Thanks,
    | Earl
    |
    | Here is the email.
    |
    | Microsoft User
    |
    | this is the latest version of security update, the "January 2005, Cumulative
    | Patch" update which resolves all known security vulnerabilities affecting MS
    | Internet Explorer, MS Outlook and MS Outlook Express. Install now to maintain
    | the security of your computer from these vulnerabilities, the most serious of
    | which could allow an attacker to run code on your system. This update
    | includes the functionality of all previously released patches.
    |
    |
    | System requirements Windows 95/98/Me/2000/NT/XP
    | This update applies to MS Internet Explorer, version 4.01 and later
    | MS Outlook, version 8.00 and later
    | MS Outlook Express, version 4.01 and later
    | Recommendation Customers should install the patch at the earliest
    | opportunity.
    | How to install Run attached file. Choose Yes on displayed dialog box.
    | How to use You don't need to do anything after installing this item.
    |
    | Microsoft Product Support Services and Knowledge Base articles can be found
    | on the Microsoft Technical Support web site. For security-related information
    | about Microsoft products, please visit the Microsoft Security Advisor web
    | site, or Contact Us.
    |
    | Thank you for using Microsoft products.
    |
    | Please do not reply to this message. It was sent from an unmonitored e-mail
    | address and we are unable to respond to any replies.
  3. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    eeh wrote:
    > I received the email shown below with the MS logo, header and links to MS.
    > The email said to download and install the file: Q267437.exe as the latest
    > MS cumulative Jan-05 patch.
    > It was sent by: "MS Customer Services" <ihmkvf@advisor.com>
    > It was sent to: "Microsoft Corporation User" <user.gaeodlhf@advisor.com>
    > (not me)
    >
    > Is this email really from MS? I've never seen MS distribute Windows
    > security update by email.
    >
    >


    What you're apparently receiving is the output of a computer
    infected by one of several widely publicized, wide-spread, mass emailing
    worms. The virus' authors have deliberately spoofed the Microsoft
    information in the hopes of garnering more victims. This sort of email
    has been very common for the 18 months or more. The most widely-known are:

    W32.Swen.A_mm
    http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html

    W32.Dumaru_mm
    http://securityresponse.symantec.com/avcenter/venc/data/w32.dumaru@mm.html

    W32.Gibe_mm
    http://securityresponse.symantec.com/avcenter/venc/data/w32.gibe@mm.html

    Trojan.Xombe
    http://www.symantec.com/avcenter/venc/data/trojan.xombe.html

    Microsoft never has, does not currently, and very probably never
    will email unsolicited security patches. At the most, if, and only if,
    you subscribe to their security notification newsletter, they will send
    you an email informing you that a new patch is available for downloading.

    Microsoft Policies on Software Distribution
    http://www.microsoft.com/technet/treeview/?url=/technet/security/policy/swdist.asp

    Information on Bogus Microsoft Security Bulletin Emails
    http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

    How to Tell If a Microsoft Security-Related Message Is Genuine
    http://www.microsoft.com/security/antivirus/authenticate_mail.asp

    Remember, any and all legitimate patches and updates are readily
    available at http://windowsupdate.microsoft.com/. You should develop
    the habit of checking this site at least once a month to keep your
    computer up-to-date. (Notice that this is the true URL, rather than the
    bogus one that may have been contained in the email you received.) Any
    messages that point to any other source(s) or claim to have the patch
    attached are bogus.

    You're receiving these emails because your email address is in
    the address book of someone infected with a worm, and/or because you
    posted your real email address somewhere on-line, either in a forum
    accessible to the public and spambots, such as Usenet, or on an
    untrustworthy web site that subsequently sold your address as part of a
    mailing list. One thing you can do is notify _everyone_ with whom
    you've ever corresponded via email that one or more of them may be
    infected with a mass emailing worm, and should take the appropriate
    steps. You can also ask your ISP to take steps to preclude their mail
    server from passing on such emails. Many ISPs have such filtering
    capabilities.

    --

    Bruce Chambers

    Help us help you:
    http://dts-l.org/goodpost.htm
    http://www.catb.org/~esr/faqs/smart-questions.html

    You can have peace. Or you can have freedom. Don't ever count on having
    both at once. - RAH
Ask a new question

Read More

Security Email Microsoft Windows XP