General discussion
-
CreatorTopic
-
March 11, 2005 at 5:01 pm #2176913
well now, isn’t that interesting…
Lockedby jaqui · about 19 years ago
email supposedly from microsoft with security updates for ie, outbreak, outbreak express.
it was addressed to microsoft user.
and gibberish email addy in to field:
Subject:
*TELUS Detected Spam*: New Net Critical Upgrade
From:
“Microsoft Security Bulletin” < >
Date:
Sat, 12 Mar 2005 00:42:53 +0100 (added by postmaster@mail-relay-1.tiscali.it)
To:
“Commercial Consumer”
X-UIDL:
<4202030C0058A13C@mail-relay-1.tiscali.it>
X-Mozilla-Status:
0001
X-Mozilla-Status2:
10000000
Return-Path:
Received:
from mail-relay-1.tiscali.it ([213.205.33.41]) by priv-edtnes82.telusplanet.net (InterMail vM.6.01.04.00 201-2131-118-20041027) with ESMTP id <20050311234816.OGE17255.priv-edtnes82.telusplanet.net@mail-relay-1.tiscali.it> for; Fri, 11 Mar 2005 16:48:16 -0700
Received:
from tuflik (82.84.149.21) by mail-relay-1.tiscali.it (7.1.021.3) id 4202030C0058A13C; Sat, 12 Mar 2005 00:42:53 +0100
Message-ID:
<4202030C0058A13C@mail-relay-1.tiscali.it> (added by postmaster@mail-relay-1.tiscali.it)
MIME-Version:
1.0
Content-Type:
multipart/mixed; boundary=”nceykljrmmdsrex”Microsoft All Products | Support | Search | Microsoft.com Guide
Microsoft HomeMicrosoft Consumer
this is the latest version of security update, the “March 2005, Cumulative Patch” update which fixes all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three newly discovered vulnerabilities. Install now to help maintain the security of your computer. This update includes the functionality of all previously released patches.
System requirements Windows 95/98/Me/2000/NT/XP
This update applies to MS Internet Explorer, version 4.01 and later
MS Outlook, version 8.00 and later
MS Outlook Express, version 4.01 and later
Recommendation Customers should install the patch at the earliest opportunity.
How to install Run attached file. Choose Yes on displayed dialog box.
How to use You don’t need to do anything after installing this item.Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact Us.
Thank you for using Microsoft products.
Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies.
The names of the actual companies and products mentioned herein are the trademarks of their respective owners.Contact Us | Legal | TRUSTe
?2005 Microsoft Corporation. All rights reserved. Terms of Use | Privacy Statement | Accessibility
installer681.exeContent-Type:
application/x-msdownload
Content-Encoding:
base64Topic is locked -
CreatorTopic
All Comments
-
AuthorReplies
-
-
March 12, 2005 at 6:59 am #3350911
Well with all the mistakes
by hal 9000 · about 19 years ago
In reply to well now, isn’t that interesting…
IT just could be from MS couldn’t it? 😉
But that would be a first MS sending out an EXE as an attachment somehow I would bin it but I wonder just how many where sucked in but it. 😀
Col ]:)
-
March 12, 2005 at 9:24 am #3350897
probably a
by jaqui · about 19 years ago
In reply to Well with all the mistakes
lot of people.
I did report to both security focus and microsoft with the content posted here.
both received the info that I’m linux only so even the subject was obvious it wasn’t for real.
-
March 14, 2005 at 6:43 am #3347239
No attachments please
by gunnar klevedal · about 19 years ago
In reply to Well with all the mistakes
I have very ernestly told all our end users that Microsoft never would send them an update in the form of an attachment, and that they never will.
-
March 14, 2005 at 7:08 pm #3335640
I know that too
by hal 9000 · about 19 years ago
In reply to No attachments please
But just how many home users do?
I’m constantly telling people that MS never send out attachments for anything unless it is something that you have talked to a tech about and even then it is a rare event. I’ve only had one in my life time and that was something that was not even at the Beta test stage but it did cure a problem that we where experiencing and it wasn’t available from the MS download site so they had to send me the copy.
But because that looks so realistic and so few people actually get the MS Security Bulletins most would think that it was real and just install it.
I wonder what it does?
Any ideas?
Col
-
-
-
March 12, 2005 at 9:08 am #3350901
Speaking of F-Ups –
by dafe2 · about 19 years ago
In reply to well now, isn’t that interesting…
Check this out:
http://techrepublic.com.com/5208-6230-0.html?forumID=5&threadID=155727&messageID=1688421
http://techrepublic.com.com/5208-6230-0.html?forumID=8&threadID=164853&messageID=1724750
Gotta wonder how many people fall for that stuff today????
May wife saw a few Bank Phishes the other day in her mail too. (That scares me …. she’s blonde)LOL
-
March 12, 2005 at 9:21 am #3350898
~lol~
by jaqui · about 19 years ago
In reply to Speaking of F-Ups –
so’s mine.
but for some reason I don’t worry about that.
( she doesn’t trust emails from a bank )-
March 12, 2005 at 9:54 am #3350895
Ditto
by dafe2 · about 19 years ago
In reply to ~lol~
She doesn’t either………….but she does have all the ‘traits’ sometimes. LOL
Last night:
We were watching TV (With my three year old daughter in the room.) So I asked my wife –> ya wanna ‘duck’?
ROFL…………
I thought she was headed for the grocery store….instead of the bed. Yup, true blond.
-
-
March 14, 2005 at 6:50 am #3347230
Actually, the colour of your hair….
by gunnar klevedal · about 19 years ago
In reply to Speaking of F-Ups –
Actually, the colour of your hair don’t make you a bimbo. Not your sex either. Most of us do the best we could.
Tribute goes to Steve Wozniak
-
-
March 12, 2005 at 1:12 pm #3350863
-
March 12, 2005 at 1:23 pm #3350859
that’s kind of my points
by jaqui · about 19 years ago
In reply to Glitch
to make them more precise:
1) I do not have windows, so something that starts with Microsoft Consumer is a giveaway it’s spam.
2) even if I had windows, I wouldn’t be using the email address it showed up on for contact, that is my development list address.anything from microsoft, msn or any variation thereof, is assumed to be spam, as I have no dealings with microsoft.
-
-
March 12, 2005 at 1:18 pm #3350860
Last legit MS Security Bulletin e-mail was 08MAR05.
by deepsand · about 19 years ago
In reply to well now, isn’t that interesting…
Legit ones employ PGP; they never contain attachments; and, they only advise of new & revised Security Bulletins available at MS’s site.
For purposes of comparision, below is most recent one.
==================================================
Date: Tue, 08 Mar 2005 03:21:51 PM EST
From: “Microsoft” <10_11043_iTuibh3b/kap1M528EMx1w@newsletters.microsoft.com>
To:
Subject: Microsoft Security Bulletin Minor Revisions——————————————————————————–
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1********************************************************************
Title: Microsoft Security Bulletin Minor Revisions
Issued: March 8, 2005
********************************************************************Summary
=======
The following bulletins have undergone a major revision increment.
Please see the appropriate bulletin for more details.* MS05-002
* MS05-015Bulletin Information:
=====================* MS05-002
– http://www.microsoft.com/technet/security/bulletin/MS05-002.mspx
– Reason for re-release: Frequently Asked Questions updated to
reflect Windows 98, 98SE and ME security update availability.– Originally posted: January 11, 2005
– Updated: March 8, 2005
– Bulletin Severity Rating: Critical
– Version: 1.2* MS05-015
– http://www.microsoft.com/technet/security/bulletin/MS05-015.mspx
– Reason for re-release: Frequently Asked Questions updated to
reflect Windows 98, 98SE and ME security update availability.– Originally posted: February 8, 2005
– Updated: March 8, 2005
– Bulletin Severity Rating: Critical
– Version: 1.2********************************************************************
Support:
========
Technical support is available from Microsoft Product Support
Services at 1-866-PC SAFETY (1-866-727-2338). There is no
charge for support calls associated with security updates.
International customers can get support from their local Microsoft
subsidiaries. Phone numbers for international support can be found
at: http://support.microsoft.com/common/international.aspxAdditional Resources:
=====================
* Microsoft has created a free monthly e-mail newsletter containing
valuable information to help you protect your network. This
newsletter provides practical security tips, topical security
guidance, useful resources and links, pointers to helpful
community resources, and a forum for you to provide feedback
and ask security-related questions.
You can sign up for the newsletter at:http://www.microsoft.com/technet/security/secnews/default.mspx
* Protect your PC: Microsoft has provided information on how you
can help protect your PC at the following locations:http://www.microsoft.com/security/protect/
If you receive an e-mail that claims to be distributing a
Microsoft security update, it is a hoax that may be distributing a
virus. Microsoft does not distribute security updates via e-mail.
You can learn more about Microsoft’s software distribution
policies here:http://www.microsoft.com/technet/security/topics/policy/swdist.mspx
********************************************************************
THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS
PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND. MICROSOFT
DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING
THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.
IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE
LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT,
INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL
DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN
ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY
FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING
LIMITATION MAY NOT APPLY.
********************************************************************—–BEGIN PGP SIGNATURE—–
Version: PGP 8.1iQIVAwUBQi30k4reEgaqVbxmAQLF4Q/+MY6Fd+qMBEzZeTWWaqZkDqBEmsgc77ss
IGmrz0Jz19Nz6eJu5ndlVGIbHi8eA79qT39NOPOGqsgZD9lYcil8qcusqrGHmB1p
Pi4szxQw7lZYlE6GILAT5WT/JYPK8nPeDLAUirz8vU5uV8/PA617iddGIllK/hmU
owKu3e/NLo88OEggew0/WbpwEFEFu40IJ5dAhi+1zZyQ6zlCFkcTnr6gBXVZrxMd
7lgkNMrDVjqFD4LBSW91stm62+OTTh9Je99XDkSGrmvvfpnftSwbkfuj0vT++bP5
6zwDo18HmotB0qyh/RkMEVXbzN7wH2iVRtyvq9biccAFk8Xccjbv0MFzUePpuES/
UWeQsMknKfCw/B0HqBAFwvg1EB0i/aWQNX6z7xedcYn6NhBwKng/35XKUWYMPaHP
BENSfna1fjpzknhkIjUwVfla5+mviqfxK5X6UsM4QAG7IAVOGzxpEU4ZdubSjsy5
JAyMJxiKIRMJXNNlP1D1jEiY8a7MLOnZfcl9aEHbBIN+o+OuITRLKv+X8peNab3I
gNo5qlyV2S4oiecaZFdJM4jrJe2HW+Eq5Lyn9HNK7tYv5V2o5Cs5TIC7y7FHSjNG
80TuumHbqTNS7TmUoZY9/LvWqmoZSaNgPIT4vwUqDZVZYm0RaAMqvsVbIL6mCIOI
h8QgRkHl7sw=
=JABV
—–END PGP SIGNATURE—–
To cancel your subscription to this newsletter, reply to this message with the
word UNSUBSCRIBE in the Subject line. You can also unsubscribe at the
Microsoft.com web site <http://www.microsoft.com/misc/unsubscribe.htm>. You can
manage all your Microsoft.com communication preferences at this site.Legal Information <http://www.microsoft.com/info/legalinfo/default.mspx>.
This newsletter was sent by the Microsoft Corporation
1 Microsoft Way
Redmond, Washington, USA
98052-
March 12, 2005 at 3:30 pm #3350814
in other words
by jaqui · about 19 years ago
In reply to Last legit MS Security Bulletin e-mail was 08MAR05.
they don’t send an email without you subscribing to get them.
I don’t use ms products at all, so I don’t ever expect to need ms to send me somethng.
-
March 13, 2005 at 2:56 pm #3331228
Correct.
by deepsand · about 19 years ago
In reply to in other words
In fact, if you examine the header of the e-mail you received, you’ll see that it did’nt come from MS at all.
-
March 13, 2005 at 4:26 pm #3331211
-
March 14, 2005 at 6:57 am #3347222
For the benefit of others.
by deepsand · about 19 years ago
In reply to I knew that before I finished reading the subject line
I assumed nothing re. your understanding of such.
However, I did allow for the possiblility that there may be others present who might not have examined, or even know how to examine, the header.
This post was intended for the general benefit of all, not as a critique of your knowledge and skills.
-
-
March 14, 2005 at 7:14 am #3347200
Thanks, I registered 1 minute ago
by gunnar klevedal · about 19 years ago
In reply to Last legit MS Security Bulletin e-mail was 08MAR05.
Thanks Deepsand
I registered to the newsletter 1 minute ago.
By the way, all this dotnet jive, Would it be an MS reply to J2EE?-
March 14, 2005 at 1:52 pm #3335775
possibly, but
by jaqui · about 19 years ago
In reply to Thanks, I registered 1 minute ago
.net and j2ee are completely different.
.net is a ditributed computing framework.
the j2ee is a enterprise environment.
this is why sun’s grid computing is probably a response to .net
reference:
-
March 14, 2005 at 3:16 pm #3335741
You might also be interested in, …
by deepsand · about 19 years ago
In reply to Thanks, I registered 1 minute ago
if you did not notice them on the MS Subscription page, both the Security Newsletter & the Response Center Bulletin Notification , both of which are published monthly.
-
-
-
March 12, 2005 at 11:01 pm #3331378
MS people are illiterate!!
by jaqui · about 19 years ago
In reply to well now, isn’t that interesting…
full email I got back from them, after cutting the email that started this thread.
Subject:
CST188598458ID – RE:Microsoft.Com ContactUS
From:
“Microsoft ContactUs”
Date:
Sat, 12 Mar 2005 20:00:05 -0800
To:
X-UIDL:
<02b801c52781$23a641d0$0855fd0a@partners.extranet.microsoft.com>
X-Mozilla-Status:
0003
X-Mozilla-Status2:
00000000
Return-Path:
Received:
from smtphost2.microsoft.com ([131.107.3.117]) by priv-edtnes16.telusplanet.net (InterMail vM.6.01.04.00 201-2131-118-20041027) with ESMTP id <20050313040005.RFNH3983.priv-edtnes16.telusplanet.net@smtphost2.microsoft.com> for; Sat, 12 Mar 2005 21:00:05 -0700
Received:
from EXT-SMTP-01.partners.extranet.microsoft.com ([10.251.70.190]) by smtphost2.microsoft.com with Microsoft SMTPSVC(6.0.3790.1802); Sat, 12 Mar 2005 20:00:02 -0800
Received:
from tksdspsmtcss02.partners.extranet.microsoft.com ([10.251.84.153]) by EXT-SMTP-01.partners.extranet.microsoft.com with Microsoft SMTPSVC(6.0.3790.211); Sat, 12 Mar 2005 20:01:18 -0800
Received:
from mail pickup service by tksdspsmtcss02.partners.extranet.microsoft.com with Microsoft SMTPSVC; Sat, 12 Mar 2005 20:00:05 -0800
X-Originating-IP:
10.251.84.153
Thread-Topic:
CST188598458ID – RE:Microsoft.Com ContactUS
X-Mailer:
Microsoft CSS 2000
X-CSSTicketID:
188598458
thread-index:
AcUngSOjFTUN+9uFRemauOlsLKr9Bg==
Message-ID:
<02b801c52781$23a641d0$0855fd0a@partners.extranet.microsoft.com>
MIME-Version:
1.0
Content-Type:
multipart/alternative; boundary=”—-=_NextPart_000_02B9_01C5273E.158301D0″
Content-Class:
urn:content-classes:message
Importance:
normal
Priority:
normal
X-MimeOLE:
Produced By Microsoft MimeOLE V6.00.3790.132
X-OriginalArrivalTime:
13 Mar 2005 04:00:05.0323 (UTC) FILETIME=[23B499B0:01C52781]
Return-Path:
microsoftcom_contactus@css.one.microsoft.comHello,
Thank you for contacting Microsoft.com Customer Support.
I know how important it is for you to know if this is really from Microsoft or not. The notification you received is not from Microsoft.
Microsoft never widely distributes software, or any attachments, through e-mail, even in our security updates. Here are some guidelines to help you identify whether or not a Microsoft security-related message is genuine:
http://www.microsoft.com/security/incident/authenticate_mail.mspxFor more information about Microsoft’s software distribution policies, please visit:
http://www.microsoft.com/technet/Security/topics/policy/swdist.mspxCertain worms and viruses, as well as malicious individuals, have been known to send bogus bulletins that appear to be coming from Microsoft, a tactic known as spoofing. Unfortunately, this is a result of the flexibility of e-mail standards and Microsoft cannot do anything to stop these emails. If you do not wish to receive these emails, you may want to contact your ISP (Internet Service Provider), which is the only point where delivery can be prevented.
Please be wary of attachments, even if it is from someone you know, since some viruses spread by mailing themselves to contacts in an infected computer’s address book. If you have any doubts about the safety of an attachment, check with the source before opening it.
To ensure that your system is totally protected, Microsoft strongly recommends that you visit the site http://www.microsoft.com/protect and follow the instructions there to protect your PC. Performing these steps will ensure that your system is safe from viruses and worms.
Again, thank you for checking with us. Feel free to contact us again if you have other questions or concerns.
Sincerely,
Jing
Microsoft.com Customer Support— Original Message —
From: jaqui@telus.net
To: microsoftcom_contactus@css.one.microsoft.com
Sent: Fri Mar 11 16:12:25 PST 2005
Subject: Microsoft.Com ContactUSURL:http://register.microsoft.com/contactus30/contactus.asp?domain=generic
LANG:English (United States)
LOC:US
BBR:linux i686/mozilla/5.0 (x11; u; linux i686; en-us; /en-ca,en;qsince when do you send an update email to random email addresses?this is a phishing attempt, and spam.
following is entire email including full headers:
Subject:
*TELUS Detected Spam*: New Net Critical Upgradewhat could be simpler than the posting bit between their reply and this comment, yet they couldn’t get it right in thier reply.
-
March 12, 2005 at 11:14 pm #3331373
P.S.
by jaqui · about 19 years ago
In reply to MS people are illiterate!!
my reply to this iggeramos that doesn’t know how to read, nor how to follow proper netiqette and BOTTOM post in email and newsgroups is censored, as completely unsuitable for public broadcast.
-
March 13, 2005 at 9:01 am #3331297
-
March 13, 2005 at 4:31 pm #3331210
ms set netiquette standards??/
by jaqui · about 19 years ago
In reply to Now you have got me interested
that are most commonly reffered to on / in open source lists / discussions?
news to me.
since microsoft is the worst offender at meeting those standards.
( besides, the open source develppment group tends to beleive posix standards, or ieee standards are far more viable than anything ms says.
( at least the sites and groups I tend to be more involved with..the ones with no wish for microshaft compatibility. -
March 13, 2005 at 9:13 pm #3331182
OK maybe I should have put it a little differently
by hal 9000 · about 19 years ago
In reply to ms set netiquette standards??/
What I actually meant was that either Outlook Express or Outlook leave a lot to be desired and they are now the main E-Mail clients being used by most people.
While I can see just why some may not want MS compatibility that just isn’t an option from my prospective but then again I work in the small business sphere so everything that I install has to be MS compatible because it is so widely used. But at the same time the people want secure systems and still have MS products running on them. 😀
One guy was so insistent back in the 95 days that I took an old Power Supply pulled its guts out and used epoxy to fill in the power socket. I then set it on his desk and told him that he had a fully secure Workstation. 😉 When he wanted to start it up he realized that he couldn’t plug the thing in and was a bit upset I just told him I had supplied a system to his specifications then pulled out the dud PS and fitted the new one and told him that he had to make compromises in security as there was no way that I could guarantee that his data could not be stolen by someone gaining access to his computer.
God it felt good but I’ve haven’t been able to do something like that since. 🙁
Col ]:)
-
-
March 14, 2005 at 6:58 am #3347220
Shouldn’t put them all in one bunch though
by gunnar klevedal · about 19 years ago
In reply to MS people are illiterate!!
Guess they’re all different, when it comes to it.
-
March 14, 2005 at 7:14 pm #3335638
So just how far do you trust
by hal 9000 · about 19 years ago
In reply to Shouldn’t put them all in one bunch though
Any end user?
I don’t think them stupid but I also don’t trust them too much either. I think it is more a case of a Little Knowledge being dangerous and I try to protect my end users from things like this.
I do however agree that they are all different but that doesn’t make them all computer savvy either.
Col ]:)
-
-
March 14, 2005 at 10:21 am #3347039
Learn to read the Microsoft Way
by bfilmfan · about 19 years ago
In reply to MS people are illiterate!!
“Just give me all your money and I will read to you.”
New enpowerment slogan at Microsoft Literacy University.
“Beep, Beep.”
-
March 14, 2005 at 7:17 pm #3335636
Being serious for a moment
by hal 9000 · about 19 years ago
In reply to Learn to read the Microsoft Way
Have you any idea what this one does?
I haven’t got one so I haven’t had a chance to try it out in a controlled environment. Maybe things are getting better in the IT world or this is just a slow spreading problem. 😉
I’m inclined to think it is the latter though. 😀
Col ]:)
-
March 14, 2005 at 9:31 pm #3335607
I-worm/Swen
by jaqui · about 19 years ago
In reply to Being serious for a moment
that was the viral payload.
-
March 15, 2005 at 3:51 am #3335570
Thanks Jaqui
by hal 9000 · about 19 years ago
In reply to I-worm/Swen
For the info that will prove helpful when I eventually get some of the customers who deploy it which is bound to happen.
Col ]:)
-
-
-
March 14, 2005 at 6:32 am #3347255
You were not fooled, but…
by gunnar klevedal · about 19 years ago
In reply to well now, isn’t that interesting…
You were not fooled, but I could mention dozens of people who would be. And it would never occur to me to call them stupid.
I have warned our users to be careful with attachments. Luckily (?) our messaging system blocks all executable files, but at home they ain’t got this protection. As for now, most viruses and malware don’t write in Swedish.Tribute goes to John Socha, software hero of the eighties
-
-
AuthorReplies