At 07:31 03/08/02, [log in to unmask] wrote:
>On 03/08/2002 at 3:33:50 EST, [log in to unmask] wrote:
> > Got a message from Microsoft Security ("Thank you for using
> > Microsoft products. With friendly greetings, MS Internet
> > Security Center.") about "this is the latest version of
> > security update, the  "2 Mar 2002 Cumulative Patch"...
> > I haven't touched the .exe file that is attached because
> > I'm paranoid. Microsoft has never sent me anything telling
> > me their software is faulty and offering me help.
>
>This is a legitimate *patch*. However, you may want to get the
>official patch from Microsoft, and NOT run the one sent you
>as it *might* be something else...

I read recently that someone claiming to be Microsoft is sending a
fake (virus infected) "security patch" attached to emails. I forget
the details (I skim through hundreds of emails a day). As Peter said,
there is indeed a cumulative security patch at Microsoft's website
(which is already out of date after about a week)...but I'm sure
they wouldn't send it out attached to an email.

This is an old trick. I got a message like this last year...and the
attachment was indeed a virus. (If I recall correctly, they said
they were emailing me a security patch that would "update" all MS
operating systems...because I was such a loyal customer.) I'll bet
that if you examine the full headers of your message (as David G.
mentioned) you'll find it's not really from Microsoft. (You might
have to run a Whois on IP addresses from the headers.)

Regards,
Bill

               The NOSPIN Group Promotions is now offering
              Mandrake Linux or Red Hat Linux CD sets along
         with our NOSPIN Power Linux CD...  at a great price!!!
             http://freepctech.com/goodies/promotions.shtml