This is NOT a legitimate patch! Microsoft will NEVER ever send
patches via email. They may send you an email advising that a
patch is available for download from thier site.
The original email in question is a Virus
Gibe worm
Discovered March 04/2002
W32.Gibe@mm is a worm that uses Microsoft Outlook and its own
SMTP engine to spread. This worm arrives in an email
message--which is disguised as a Microsoft Internet Security
Update--as the attachment Q216309.exe.
Reference urls:
http://www.antivirus.com/pc-cillin/vinfo/virusencyclo/default5.asp
?VName=WORM_GIBE.A
(this url may wrap)
http://vil.nai.com/vil/content/v_99377.htm
[log in to unmask]" target="_blank">http:[log in to unmask]
http://www.Europe.f-secure.com/v-descs/gibe.shtml
http://zdnet.com.com/2100-1105-853235.html
Information borrowed from Symantec:
Technical description:
The fake message, which is not from Microsoft, has the following
characteristics:
From: Microsoft Corporation Security Center
Subject: Internet Security Update
Message:
Microsoft Customer,
this is the latest version of security update, the update which
eliminates all known security vulnerabilities affecting Internet
Explorer and MS Outlook/Express as well as six new
vulnerabilities
.
.
.
How to install
Run attached file q216309.exe
How to use
You don't need to do anything after installing this item.
~~
I do hope that helps
Christy White
*********** REPLY SEPARATOR ***********
On 3/8/02 at 7:31 AM [log in to unmask] wrote:
>In a message dated 03/08/2002 3:33:50 AM Eastern Standard Time,
>[log in to unmask] writes:
>
>
>> Got a message from Microsoft Security ("Thank you for using
Microsoft
>> products. With friendly greetings, MS Internet Security
Center.") about
>> "this is the latest version of security update, the "2 Mar
2002
>Cumulative
>> Patch" update which eliminates all known security
vulnerabilities
>affecting
>> Internet Explorer and MS Outlook/Express as well as six new
>> vulnerabilities,
>> and is discussed in Microsoft Security Bulletin MS02-005.
Install now to
>> protect your computer from these vulnerabilities, the most
serious of
>which
>> could allow an attacker to run code on your computer."
>>
>> I haven't touched the .exe file that is attached because I'm
paranoid.
>> Microsoft has never sent me anything telling me their software
is faulty
>> and
>> offering me help.
>>
>> Is this one of the viri going around?
>>
>> TIA,
>> Brenda
>
>Hi,
> This is a legitimate *patch*. However, you may want to get the
official
>patch from Microsoft, and NOT run the one sent you (as it
*might* be
>something else...)
> You can get the official patch here:
> <A
>HREF="http://www.microsoft.com/technet/treeview/default.asp?url=/
technet/security/bulletin/MS02-005.asp">Microsoft TechNet</A>
>or the regular URL:
>http://www.microsoft.com/technet/treeview/default.asp?url=/techne
t/security/bu
>
>lletin/MS02-005.asp
>
>HTH,
>Peter Hogan
>[log in to unmask]
>
The NOSPIN Group Promotions is now offering
Mandrake Linux or Red Hat Linux CD sets along
with our NOSPIN Power Linux CD... at a great price!!!
http://freepctech.com/goodies/promotions.shtml
|