WARNING: Spoof Microsoft email alert...

[devolution]

There is an email going round, purporting to be from Microsoft, which actualy contains a virus. The email pretends to be a Security/Support update, but the attachment contains a virus. Judging from the email headers, the virus looks like an address-book respawn virus (it takes advantage of address book vulnerabilities to send itself out).

The FROM field will read MICROSOFT, and the TO field reads MICROSOFT CUSTOMER. The SUBJECT field will contain something along the lines of SECURITY UPDATE or similar.

If found, delete the email immediately.


Email message sample follows:


Microsoft Customer

this is the latest version of security update, the
"May 2001, Cumulative Patch" update which eliminates
all known security vulnerabilities affecting Internet Explorer,
Outlook and Outlook Express as well as five newly
discovered vulnerabilities. Install now to protect your computer
from these vulnerabilities, the most serious of which could allow
an attacker to run executable on your system. This update includes
the functionality of all previously released patches.

System requirements Win 9x/Me/2000/NT/XP
This update applies to Microsoft Internet Explorer, version 4.01 and later
Microsoft Outlook, version 8.00 and later
Microsoft Outlook Express, version 4.01 and later
Recommendation Customers should install the patch at the earliest opportunity.
How to install Run attached file. Click Yes on displayed dialog box.
How to use You don't need to do anything after installing this item.

Microsoft Product Support Services and Knowledge Base articles
can be found on the Microsoft Technical Support web site.
For security-related information about Microsoft products, please
visit the Microsoft Security Advisor web site, or Contact us.

Please do not reply to this message. It was sent from an unmonitored
e-mail address and we are unable to respond to any replies.

Thank you for using Microsoft products.

Best regards from
MS Internet Public Support

--------------------------------------------------------------------------------
©2003 Microsoft Corporation. All rights reserved. The names of the actual companies
and products mentioned herein may be the trademarks of their respective owners.

[bidawinner]

Hey Dev, Question for you,

Have you ever heard of anyone unsing the the (or spoofing) the little microsoft update "pop -up" widndow to add a virus?

That is one that concerns me because I'll bet most people (like myself) simply give it the OK..

[mole]

Norton Internet Security 2003 - don't enter the Internet without it

NIS scans all incoming mail for things like this, and updates itself in real time.

[dtobias]

The best way to be immune to all these viruses and hoaxes is to avoid Microsoft products... if you use a non-MS mail program (e.g., Pegasus, Eudora, Mozilla, Pine) and a non-MS browser (Mozilla, Opera, Lynx), then you won't be vulnerable to MS-specific security holes (or have an Outlook address book for a virus to spawn itself to if you do somehow get infected). If you go even further and use a non-MS operating system (Linux, MacOS), then Windows viruses can't even run if you try to launch them.

[mole]

Originally posted by dtobias
The best way to be immune to all these viruses and hoaxes is to avoid Microsoft products... if you use a non-MS mail program (e.g., Pegasus, Eudora, Mozilla, Pine) and a non-MS browser (Mozilla, Opera, Lynx), then you won't be vulnerable to MS-specific security holes (or have an Outlook address book for a virus to spawn itself to if you do somehow get infected). If you go even further and use a non-MS operating system (Linux, MacOS), then Windows viruses can't even run if you try to launch them.

Another mainstream product basher

Mics is here to stay, no matter what we say.

[sicomp]

I got this one yesterday myself on 2 different accounts. AVG catches this, and so does Norton. If any are interested you can download AVG for free. AVG Antivirus


Scott