I just received a very authentic looking e-mail from "Microsoft Corporation
Security Center" with an attached file - patch150.exe - The text of the
e-mail follows below and begins with "MS User". The properties for the
e-mail address show it to be - The size of
the file in the attachment window shows 2 bytes. I saved the file to a
directory and ran Norton AV and no virus was found. The size in that
directory shows 0 bytes. Next, I searched all Symantech for the file and
found none. I then searched MS in several areas including the knowledge
base for that file name and also found nothing. Does anyone have knowledge
of this file?

Jack - The e-mail follows

MS User

this is the latest version of security update, the
"April 2003, Cumulative Patch" update which eliminates
all known security vulnerabilities affecting Internet Explorer,
Outlook and Outlook Express as well as five newly
discovered vulnerabilities. Install now to protect your computer
from these vulnerabilities, the most serious of which could allow
an attacker to run executable on your system. This update includes
the functionality of all previously released patches.

System requirements Win 9x/Me/2000/NT/XP
This update applies to Microsoft Internet Explorer, version 4.01 and
later
Microsoft Outlook, version 8.00 and later
Microsoft Outlook Express, version 4.01 and later
Recommendation Customers should install the patch at the earliest
opportunity.
How to install Run attached file. Click Yes on displayed dialog box.
How to use You don't need to do anything after installing this item.

Microsoft Product Support Services and Knowledge Base articles
can be found on the Microsoft Technical Support web site.
For security-related information about Microsoft products, please
visit the Microsoft Security Advisor web site, or Contact us.

Please do not reply to this message. It was sent from an unmonitored
e-mail address and we are unable to respond to any replies.

Thank you for using Microsoft products.

With friendly greetings,
Microsoft Corporation Security Center

----------------------------------------------------------------------------
----
©2003 Microsoft Corporation. All rights reserved. The names of the actual
companies
and products mentioned herein may be the trademarks of their respective
owners.

Jack;
This has been around a short while.
The attachment is most likely a virus.
Delete the Email and attachment immediately.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

Microsoft sends security updates but NEVER with attachments.

On the rare occasion Microsoft sends a file, you would be expecting it
in advance and know exactly what it is.

--
Jupiter Jones
An easier way to read newsgroup messages:
http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
Please respond to newsgroup only for everyone's benefit.


"Jack" > wrote in message
...
> I just received a very authentic looking e-mail from "Microsoft
Corporation
> Security Center" with an attached file - patch150.exe - The text of
the
> e-mail follows below and begins with "MS User". The properties for
the
> e-mail address show it to be - The
size of
> the file in the attachment window shows 2 bytes. I saved the file to
a
> directory and ran Norton AV and no virus was found. The size in that
> directory shows 0 bytes. Next, I searched all Symantech for the
file and
> found none. I then searched MS in several areas including the
knowledge
> base for that file name and also found nothing. Does anyone have
knowledge
> of this file?
>
> Jack - The e-mail follows
>
> MS User
>
> this is the latest version of security update, the
> "April 2003, Cumulative Patch" update which eliminates
> all known security vulnerabilities affecting Internet Explorer,
> Outlook and Outlook Express as well as five newly
> discovered vulnerabilities. Install now to protect your computer
> from these vulnerabilities, the most serious of which could allow
> an attacker to run executable on your system. This update includes
> the functionality of all previously released patches.
>
> System requirements Win 9x/Me/2000/NT/XP
> This update applies to Microsoft Internet Explorer, version
4.01 and
> later
> Microsoft Outlook, version 8.00 and later
> Microsoft Outlook Express, version 4.01 and later
> Recommendation Customers should install the patch at the
earliest
> opportunity.
> How to install Run attached file. Click Yes on displayed
dialog box.
> How to use You don't need to do anything after installing this
item.
>
> Microsoft Product Support Services and Knowledge Base articles
> can be found on the Microsoft Technical Support web site.
> For security-related information about Microsoft products, please
> visit the Microsoft Security Advisor web site, or Contact us.
>
> Please do not reply to this message. It was sent from an unmonitored
> e-mail address and we are unable to respond to any replies.
>
> Thank you for using Microsoft products.
>
> With friendly greetings,
> Microsoft Corporation Security Center
>
> --------------------------------------------------------------------
--------
> ----
> ©2003 Microsoft Corporation. All rights reserved. The names of the
actual
> companies
> and products mentioned herein may be the trademarks of their
respective
> owners.
>
>

Thank you Jupiter, I was pretty sure it wasn't legit. I was just uncertain
because I couldn't find any mention of patch150.exe anywhere in Symantec or
in Hoaxbusters. I should have realized what I have often advised others
about, a malicious sender can rename an infected file to anything he wants.
The name of the file is meaningless, it is the contents that get you.

Jack

"Jupiter Jones" > wrote in message
...
| Jack;
| This has been around a short while.
| The attachment is most likely a virus.
| Delete the Email and attachment immediately.
|
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp
|
| Microsoft sends security updates but NEVER with attachments.
|
| On the rare occasion Microsoft sends a file, you would be expecting it
| in advance and know exactly what it is.
|
| --
| Jupiter Jones
| An easier way to read newsgroup messages:
| http://www.microsoft.com/windowsxp/pro/using/newsgroups/setup.asp
| Please respond to newsgroup only for everyone's benefit.
|
|
| "Jack" > wrote in message
| ...
| > I just received a very authentic looking e-mail from "Microsoft
| Corporation
| > Security Center" with an attached file - patch150.exe - The text of
| the
| > e-mail follows below and begins with "MS User". The properties for
| the
| > e-mail address show it to be - The
| size of
| > the file in the attachment window shows 2 bytes. I saved the file to
| a
| > directory and ran Norton AV and no virus was found. The size in that
| > directory shows 0 bytes. Next, I searched all Symantech for the
| file and
| > found none. I then searched MS in several areas including the
| knowledge
| > base for that file name and also found nothing. Does anyone have
| knowledge
| > of this file?
| >
| > Jack - The e-mail follows
| >
| > MS User
| >
| > this is the latest version of security update, the
| > "April 2003, Cumulative Patch" update which eliminates
| > all known security vulnerabilities affecting Internet Explorer,
| > Outlook and Outlook Express as well as five newly
| > discovered vulnerabilities. Install now to protect your computer
| > from these vulnerabilities, the most serious of which could allow
| > an attacker to run executable on your system. This update includes
| > the functionality of all previously released patches.
| >
| > System requirements Win 9x/Me/2000/NT/XP
| > This update applies to Microsoft Internet Explorer, version
| 4.01 and
| > later
| > Microsoft Outlook, version 8.00 and later
| > Microsoft Outlook Express, version 4.01 and later
| > Recommendation Customers should install the patch at the
| earliest
| > opportunity.
| > How to install Run attached file. Click Yes on displayed
| dialog box.
| > How to use You don't need to do anything after installing this
| item.
| >
| > Microsoft Product Support Services and Knowledge Base articles
| > can be found on the Microsoft Technical Support web site.
| > For security-related information about Microsoft products, please
| > visit the Microsoft Security Advisor web site, or Contact us.
| >
| > Please do not reply to this message. It was sent from an unmonitored
| > e-mail address and we are unable to respond to any replies.
| >
| > Thank you for using Microsoft products.
| >
| > With friendly greetings,
| > Microsoft Corporation Security Center
| >
| > --------------------------------------------------------------------
| --------
| > ----
| > ©2003 Microsoft Corporation. All rights reserved. The names of the
| actual
| > companies
| > and products mentioned herein may be the trademarks of their
| respective
| > owners.
| >
| >
|
|