Hey,

I have been getting e-mails recently, apparently from
microsoft support, asking me to run the attachement -
INSTALLATION7.EXE

I am guessing this is some kind of spam/virus/hack... is
it well known?

Thanks, Jamie Kitson

mail follows:

X-From_: Fri Sep 19 18:23:03 2003
Return-path: >
Envelope-to:
Delivery-date: Fri, 19 Sep 2003 18:23:03 +0100
Received: from [216.183.118.172] (helo=mail02.arrival.net)
by imailm1.svr.pol.co.uk with smtp (Exim 4.14)
id 1A0OyD-0006ca-Ki
for ; Fri, 19 Sep 2003
18:23:01 +0100
Received: (qmail 4919 invoked from network); 19 Sep 2003
17:07:58 -0000
Received: from unknown (HELO vmuvk) (66.17.4.90)
by 0 with SMTP; 19 Sep 2003 17:07:58 -0000
FROM: "Microsoft Corporation Public Services"
>
TO: "Partner" >
SUBJECT: Network Critical Update
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="omlsragxdfrv"
Message-Id: <E1A0OyD-0006ca-Ki.2003-09-19-18-23-
>
Date: Fri, 19 Sep 2003 18:23:01 +0100
X-Spam-Status: No, hits=0.1 required=4.5
tests=MICROSOFT_EXECUTABLE,MIME_HTML_NO_CHARSET
version=2.55
X-Spam-Level:
X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-
2003-05-19-exp)

--omlsragxdfrv
Content-Type: multipart/related; boundary="pibhouqmxxdzp";
type="multipart/alternative"

--pibhouqmxxdzp
Content-Type: multipart/alternative;
boundary="tdscmxtsbafppu"

--tdscmxtsbafppu
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Microsoft Partner

this is the latest version of security update, the
"September 2003, Cumulative Patch" update which resolves
all known security vulnerabilities affecting
MS Internet Explorer, MS Outlook and MS Outlook Express.
Install now to protect your computer
from these vulnerabilities, the most serious of which
could
allow an attacker to run code on your system.
This update includes the functionality =
of all previously released patches.

System requirements: Windows 95/98/Me/2000/NT/XP
This update applies to:
- MS Internet Explorer, version 4.01 and later
- MS Outlook, version 8.00 and later
- MS Outlook Express, version 4.01 and later

Recommendation: Customers should install the patch =
at the earliest opportunity.
How to install: Run attached file. Choose Yes on
displayed dialog box.
How to use: You don't need to do anything after
installing this item.


Microsoft Product Support Services and Knowledge Base
articles =
can be found on the Microsoft Technical Support web site.
http://support.microsoft.com/

For security-related information about Microsoft
products, please =
visit the Microsoft Security Advisor web site
http://www.microsoft.com/security/

Thank you for using Microsoft products.

Please do not reply to this message.
It was sent from an unmonitored e-mail address and we are
unable =
to respond to any replies.

----------------------------------------------
The names of the actual companies and products mentioned =
herein are the trademarks of their respective owners.
Copyright 2003 Microsoft Corporation.

Jamie --

A devious sender is "spoofing" Microsoft and attempting to deceive you
into installing a malicious VIRUS in your computer! Delete the VIRUS
laden message immediately!

Please take a moment to read the following article:

Information on Bogus Microsoft Security Bulletin E-mails
http://www.microsoft.com/technet/treeview/default.asp?url=3D/technet/secu=
rity/news/patch_hoax.asp


--=20
Nicholas

-------------------------------------------------------------------------=
------------

"Jamie Kitson" > wrote in message:
...

| Hey,
|=20
| I have been getting e-mails recently, apparently from=20
| microsoft support, asking me to run the attachement -=20
| INSTALLATION7.EXE
|=20
| I am guessing this is some kind of spam/virus/hack... is=20
| it well known?
|=20
| Thanks, Jamie Kitson
|=20
| mail follows:
|=20
| X-From_: Fri Sep 19 18:23:03 2003
| Return-path: >
| Envelope-to:
| Delivery-date: Fri, 19 Sep 2003 18:23:03 +0100
| Received: from [216.183.118.172] (helo=3Dmail02.arrival.net)
| by imailm1.svr.pol.co.uk with smtp (Exim 4.14)
| id 1A0OyD-0006ca-Ki
| for ; Fri, 19 Sep 2003=20
| 18:23:01 +0100
| Received: (qmail 4919 invoked from network); 19 Sep 2003=20
| 17:07:58 -0000
| Received: from unknown (HELO vmuvk) (66.17.4.90)
| by 0 with SMTP; 19 Sep 2003 17:07:58 -0000
| FROM: "Microsoft Corporation Public Services"=20
| >
| TO: "Partner" >
| SUBJECT: Network Critical Update
| Mime-Version: 1.0
| Content-Type: multipart/mixed; boundary=3D"omlsragxdfrv"
| Message-Id: <E1A0OyD-0006ca-Ki.2003-09-19-18-23-
| >
| Date: Fri, 19 Sep 2003 18:23:01 +0100
| X-Spam-Status: No, hits=3D0.1 required=3D4.5
| tests=3DMICROSOFT_EXECUTABLE,MIME_HTML_NO_CHARSET
| version=3D2.55
| X-Spam-Level:=20
| X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-
| 2003-05-19-exp)
|=20
| --omlsragxdfrv
| Content-Type: multipart/related; boundary=3D"pibhouqmxxdzp";
| type=3D"multipart/alternative"
|=20
| --pibhouqmxxdzp
| Content-Type: multipart/alternative;=20
| boundary=3D"tdscmxtsbafppu"
|=20
| --tdscmxtsbafppu
| Content-Type: text/plain
| Content-Transfer-Encoding: quoted-printable
|=20
| Microsoft Partner
|=20
| this is the latest version of security update, the
| "September 2003, Cumulative Patch" update which resolves
| all known security vulnerabilities affecting
| MS Internet Explorer, MS Outlook and MS Outlook Express.
| Install now to protect your computer
| from these vulnerabilities, the most serious of which=20
| could
| allow an attacker to run code on your system.
| This update includes the functionality =3D
| of all previously released patches.
|=20
| System requirements: Windows 95/98/Me/2000/NT/XP
| This update applies to:
| - MS Internet Explorer, version 4.01 and later
| - MS Outlook, version 8.00 and later
| - MS Outlook Express, version 4.01 and later
|=20
| Recommendation: Customers should install the patch =3D
| at the earliest opportunity.
| How to install: Run attached file. Choose Yes on=20
| displayed dialog box.
| How to use: You don't need to do anything after=20
| installing this item.
|=20
|=20
| Microsoft Product Support Services and Knowledge Base=20
| articles =3D
| can be found on the Microsoft Technical Support web site.
| http://support.microsoft.com/
|=20
| For security-related information about Microsoft=20
| products, please =3D
| visit the Microsoft Security Advisor web site
| http://www.microsoft.com/security/
|=20
| Thank you for using Microsoft products.
|=20
| Please do not reply to this message.
| It was sent from an unmonitored e-mail address and we are=20
| unable =3D
| to respond to any replies.
|=20
| ----------------------------------------------
| The names of the actual companies and products mentioned =3D
| herein are the trademarks of their respective owners.
| Copyright 2003 Microsoft Corporation.
|=20
|

WHAT IS IT?
W32/Swen@MM spreads via e-mail and network shares. The Microsoft Product
Support Services Security Team is issuing this alert to advise customers to
be on the alert for this virus as it spreads in the wild. Customers are
advised to review the information and take the appropriate action for their
environments.

IMPACT OF ATTACK: Mass Mailing, disabling processes related to security
software such as antivirus and firewall software

TECHNICAL DETAILS:
For additional details on this worm from anti-virus software vendors
participating in the Microsoft Virus Information Alliance (VIA) please visit
the following links:

Network Associates:
http://vil.nai.com/vil/content/v_100662.htm

Trend Micro:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SWEN.A

Symantec


Computer Associates:
http://www3.ca.com/virusinfo/virus.aspx?ID=36939

"Jamie Kitson" > wrote in message
...
> Hey,
>
> I have been getting e-mails recently, apparently from
> microsoft support, asking me to run the attachement -
> INSTALLATION7.EXE
>
> I am guessing this is some kind of spam/virus/hack... is
> it well known?
>
> Thanks, Jamie Kitson
>
> mail follows:
>
> X-From_: Fri Sep 19 18:23:03 2003
> Return-path: >
> Envelope-to:
> Delivery-date: Fri, 19 Sep 2003 18:23:03 +0100
> Received: from [216.183.118.172] (helo=mail02.arrival.net)
> by imailm1.svr.pol.co.uk with smtp (Exim 4.14)
> id 1A0OyD-0006ca-Ki
> for ; Fri, 19 Sep 2003
> 18:23:01 +0100
> Received: (qmail 4919 invoked from network); 19 Sep 2003
> 17:07:58 -0000
> Received: from unknown (HELO vmuvk) (66.17.4.90)
> by 0 with SMTP; 19 Sep 2003 17:07:58 -0000
> FROM: "Microsoft Corporation Public Services"
> >
> TO: "Partner" >
> SUBJECT: Network Critical Update
> Mime-Version: 1.0
> Content-Type: multipart/mixed; boundary="omlsragxdfrv"
> Message-Id: <E1A0OyD-0006ca-Ki.2003-09-19-18-23-
> >
> Date: Fri, 19 Sep 2003 18:23:01 +0100
> X-Spam-Status: No, hits=0.1 required=4.5
> tests=MICROSOFT_EXECUTABLE,MIME_HTML_NO_CHARSET
> version=2.55
> X-Spam-Level:
> X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-
> 2003-05-19-exp)
>
> --omlsragxdfrv
> Content-Type: multipart/related; boundary="pibhouqmxxdzp";
> type="multipart/alternative"
>
> --pibhouqmxxdzp
> Content-Type: multipart/alternative;
> boundary="tdscmxtsbafppu"
>
> --tdscmxtsbafppu
> Content-Type: text/plain
> Content-Transfer-Encoding: quoted-printable
>
> Microsoft Partner
>
> this is the latest version of security update, the
> "September 2003, Cumulative Patch" update which resolves
> all known security vulnerabilities affecting
> MS Internet Explorer, MS Outlook and MS Outlook Express.
> Install now to protect your computer
> from these vulnerabilities, the most serious of which
> could
> allow an attacker to run code on your system.
> This update includes the functionality =
> of all previously released patches.
>
> System requirements: Windows 95/98/Me/2000/NT/XP
> This update applies to:
> - MS Internet Explorer, version 4.01 and later
> - MS Outlook, version 8.00 and later
> - MS Outlook Express, version 4.01 and later
>
> Recommendation: Customers should install the patch =
> at the earliest opportunity.
> How to install: Run attached file. Choose Yes on
> displayed dialog box.
> How to use: You don't need to do anything after
> installing this item.
>
>
> Microsoft Product Support Services and Knowledge Base
> articles =
> can be found on the Microsoft Technical Support web site.
> http://support.microsoft.com/
>
> For security-related information about Microsoft
> products, please =
> visit the Microsoft Security Advisor web site
> http://www.microsoft.com/security/
>
> Thank you for using Microsoft products.
>
> Please do not reply to this message.
> It was sent from an unmonitored e-mail address and we are
> unable =
> to respond to any replies.
>
> ----------------------------------------------
> The names of the actual companies and products mentioned =
> herein are the trademarks of their respective owners.
> Copyright 2003 Microsoft Corporation.
>
>

so is there anyone I can report this to?

>-----Original Message-----
>Jamie --
>
>A devious sender is "spoofing" Microsoft and attempting
to deceive you
>into installing a malicious VIRUS in your computer!
Delete the VIRUS
>laden message immediately!
>
>Please take a moment to read the following article:
>
>Information on Bogus Microsoft Security Bulletin E-mails
>http://www.microsoft.com/technet/treeview/default.asp?
url=/technet/security/news/patch_hoax.asp
>
>
>--
>Nicholas
>
>---------------------------------------------------------
----------------------------
>
>"Jamie Kitson" > wrote in
message:
> ...
>
>| Hey,
>|
>| I have been getting e-mails recently, apparently from
>| microsoft support, asking me to run the attachement -
>| INSTALLATION7.EXE
>|
>| I am guessing this is some kind of spam/virus/hack...
is
>| it well known?
>|
>| Thanks, Jamie Kitson
>|
>| mail follows:
>|
>| X-From_: Fri Sep 19 18:23:03 2003
>| Return-path: >
>| Envelope-to:
>| Delivery-date: Fri, 19 Sep 2003 18:23:03 +0100
>| Received: from [216.183.118.172]
(helo=mail02.arrival.net)
>| by imailm1.svr.pol.co.uk with smtp (Exim 4.14)
>| id 1A0OyD-0006ca-Ki
>| for ; Fri, 19 Sep 2003
>| 18:23:01 +0100
>| Received: (qmail 4919 invoked from network); 19 Sep
2003
>| 17:07:58 -0000
>| Received: from unknown (HELO vmuvk) (66.17.4.90)
>| by 0 with SMTP; 19 Sep 2003 17:07:58 -0000
>| FROM: "Microsoft Corporation Public Services"
>| >
>| TO: "Partner" >
>| SUBJECT: Network Critical Update
>| Mime-Version: 1.0
>| Content-Type: multipart/mixed; boundary="omlsragxdfrv"
>| Message-Id: <E1A0OyD-0006ca-Ki.2003-09-19-18-23-
>| >
>| Date: Fri, 19 Sep 2003 18:23:01 +0100
>| X-Spam-Status: No, hits=0.1 required=4.5
>| tests=MICROSOFT_EXECUTABLE,MIME_HTML_NO_CHARSET
>| version=2.55
>| X-Spam-Level:
>| X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-
>| 2003-05-19-exp)
>|
>| --omlsragxdfrv
>| Content-Type: multipart/related;
boundary="pibhouqmxxdzp";
>| type="multipart/alternative"
>|
>| --pibhouqmxxdzp
>| Content-Type: multipart/alternative;
>| boundary="tdscmxtsbafppu"
>|
>| --tdscmxtsbafppu
>| Content-Type: text/plain
>| Content-Transfer-Encoding: quoted-printable
>|
>| Microsoft Partner
>|
>| this is the latest version of security update, the
>| "September 2003, Cumulative Patch" update which
resolves
>| all known security vulnerabilities affecting
>| MS Internet Explorer, MS Outlook and MS Outlook
Express.
>| Install now to protect your computer
>| from these vulnerabilities, the most serious of which
>| could
>| allow an attacker to run code on your system.
>| This update includes the functionality =
>| of all previously released patches.
>|
>| System requirements: Windows 95/98/Me/2000/NT/XP
>| This update applies to:
>| - MS Internet Explorer, version 4.01 and later
>| - MS Outlook, version 8.00 and later
>| - MS Outlook Express, version 4.01 and later
>|
>| Recommendation: Customers should install the patch =
>| at the earliest opportunity.
>| How to install: Run attached file. Choose Yes on
>| displayed dialog box.
>| How to use: You don't need to do anything after
>| installing this item.
>|
>|
>| Microsoft Product Support Services and Knowledge Base
>| articles =
>| can be found on the Microsoft Technical Support web
site.
>| http://support.microsoft.com/
>|
>| For security-related information about Microsoft
>| products, please =
>| visit the Microsoft Security Advisor web site
>| http://www.microsoft.com/security/
>|
>| Thank you for using Microsoft products.
>|
>| Please do not reply to this message.
>| It was sent from an unmonitored e-mail address and we
are
>| unable =
>| to respond to any replies.
>|
>| ----------------------------------------------
>| The names of the actual companies and products
mentioned =
>| herein are the trademarks of their respective owners.
>| Copyright 2003 Microsoft Corporation.
>|
>|
>.
>

DELETE IT!

Turn on junk-mail delete immediately and block
@microsoft.com since it will automatic delivery to my
inbox.

>-----Original Message-----
>Jamie --
>
>A devious sender is "spoofing" Microsoft and attempting
to deceive you
>into installing a malicious VIRUS in your computer!
Delete the VIRUS
>laden message immediately!
>
>Please take a moment to read the following article:
>
>Information on Bogus Microsoft Security Bulletin E-mails
>http://www.microsoft.com/technet/treeview/default.asp?
url=/technet/security/news/patch_hoax.asp
>
>
>--
>Nicholas
>
>---------------------------------------------------------
----------------------------
>
>"Jamie Kitson" > wrote in
message:
> ...
>
>| Hey,
>|
>| I have been getting e-mails recently, apparently from
>| microsoft support, asking me to run the attachement -
>| INSTALLATION7.EXE
>|
>| I am guessing this is some kind of spam/virus/hack...
is
>| it well known?
>|
>| Thanks, Jamie Kitson
>|
>| mail follows:
>|
>| X-From_: Fri Sep 19 18:23:03 2003
>| Return-path: >
>| Envelope-to:
>| Delivery-date: Fri, 19 Sep 2003 18:23:03 +0100
>| Received: from [216.183.118.172]
(helo=mail02.arrival.net)
>| by imailm1.svr.pol.co.uk with smtp (Exim 4.14)
>| id 1A0OyD-0006ca-Ki
>| for ; Fri, 19 Sep 2003
>| 18:23:01 +0100
>| Received: (qmail 4919 invoked from network); 19 Sep
2003
>| 17:07:58 -0000
>| Received: from unknown (HELO vmuvk) (66.17.4.90)
>| by 0 with SMTP; 19 Sep 2003 17:07:58 -0000
>| FROM: "Microsoft Corporation Public Services"
>| >
>| TO: "Partner" >
>| SUBJECT: Network Critical Update
>| Mime-Version: 1.0
>| Content-Type: multipart/mixed; boundary="omlsragxdfrv"
>| Message-Id: <E1A0OyD-0006ca-Ki.2003-09-19-18-23-
>| >
>| Date: Fri, 19 Sep 2003 18:23:01 +0100
>| X-Spam-Status: No, hits=0.1 required=4.5
>| tests=MICROSOFT_EXECUTABLE,MIME_HTML_NO_CHARSET
>| version=2.55
>| X-Spam-Level:
>| X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-
>| 2003-05-19-exp)
>|
>| --omlsragxdfrv
>| Content-Type: multipart/related;
boundary="pibhouqmxxdzp";
>| type="multipart/alternative"
>|
>| --pibhouqmxxdzp
>| Content-Type: multipart/alternative;
>| boundary="tdscmxtsbafppu"
>|
>| --tdscmxtsbafppu
>| Content-Type: text/plain
>| Content-Transfer-Encoding: quoted-printable
>|
>| Microsoft Partner
>|
>| this is the latest version of security update, the
>| "September 2003, Cumulative Patch" update which
resolves
>| all known security vulnerabilities affecting
>| MS Internet Explorer, MS Outlook and MS Outlook
Express.
>| Install now to protect your computer
>| from these vulnerabilities, the most serious of which
>| could
>| allow an attacker to run code on your system.
>| This update includes the functionality =
>| of all previously released patches.
>|
>| System requirements: Windows 95/98/Me/2000/NT/XP
>| This update applies to:
>| - MS Internet Explorer, version 4.01 and later
>| - MS Outlook, version 8.00 and later
>| - MS Outlook Express, version 4.01 and later
>|
>| Recommendation: Customers should install the patch =
>| at the earliest opportunity.
>| How to install: Run attached file. Choose Yes on
>| displayed dialog box.
>| How to use: You don't need to do anything after
>| installing this item.
>|
>|
>| Microsoft Product Support Services and Knowledge Base
>| articles =
>| can be found on the Microsoft Technical Support web
site.
>| http://support.microsoft.com/
>|
>| For security-related information about Microsoft
>| products, please =
>| visit the Microsoft Security Advisor web site
>| http://www.microsoft.com/security/
>|
>| Thank you for using Microsoft products.
>|
>| Please do not reply to this message.
>| It was sent from an unmonitored e-mail address and we
are
>| unable =
>| to respond to any replies.
>|
>| ----------------------------------------------
>| The names of the actual companies and products
mentioned =
>| herein are the trademarks of their respective owners.
>| Copyright 2003 Microsoft Corporation.
>|
>|
>.
>

nope, Microsoft is completely aware of this problem. all they can do is
have the FBI look into who started it.

"Jamie Kitson" > wrote in message
...
> so is there anyone I can report this to?
>
> >-----Original Message-----
> >Jamie --
> >
> >A devious sender is "spoofing" Microsoft and attempting
> to deceive you
> >into installing a malicious VIRUS in your computer!
> Delete the VIRUS
> >laden message immediately!
> >
> >Please take a moment to read the following article:
> >
> >Information on Bogus Microsoft Security Bulletin E-mails
> >http://www.microsoft.com/technet/treeview/default.asp?
> url=/technet/security/news/patch_hoax.asp
> >
> >
> >--
> >Nicholas
> >
> >---------------------------------------------------------
> ----------------------------
> >
> >"Jamie Kitson" > wrote in
> message:
> > ...
> >
> >| Hey,
> >|
> >| I have been getting e-mails recently, apparently from
> >| microsoft support, asking me to run the attachement -
> >| INSTALLATION7.EXE
> >|
> >| I am guessing this is some kind of spam/virus/hack...
> is
> >| it well known?
> >|
> >| Thanks, Jamie Kitson
> >|
> >| mail follows:
> >|
> >| X-From_: Fri Sep 19 18:23:03 2003
> >| Return-path: >
> >| Envelope-to:
> >| Delivery-date: Fri, 19 Sep 2003 18:23:03 +0100
> >| Received: from [216.183.118.172]
> (helo=mail02.arrival.net)
> >| by imailm1.svr.pol.co.uk with smtp (Exim 4.14)
> >| id 1A0OyD-0006ca-Ki
> >| for ; Fri, 19 Sep 2003
> >| 18:23:01 +0100
> >| Received: (qmail 4919 invoked from network); 19 Sep
> 2003
> >| 17:07:58 -0000
> >| Received: from unknown (HELO vmuvk) (66.17.4.90)
> >| by 0 with SMTP; 19 Sep 2003 17:07:58 -0000
> >| FROM: "Microsoft Corporation Public Services"
> >| >
> >| TO: "Partner" >
> >| SUBJECT: Network Critical Update
> >| Mime-Version: 1.0
> >| Content-Type: multipart/mixed; boundary="omlsragxdfrv"
> >| Message-Id: <E1A0OyD-0006ca-Ki.2003-09-19-18-23-
> >| >
> >| Date: Fri, 19 Sep 2003 18:23:01 +0100
> >| X-Spam-Status: No, hits=0.1 required=4.5
> >| tests=MICROSOFT_EXECUTABLE,MIME_HTML_NO_CHARSET
> >| version=2.55
> >| X-Spam-Level:
> >| X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-
> >| 2003-05-19-exp)
> >|
> >| --omlsragxdfrv
> >| Content-Type: multipart/related;
> boundary="pibhouqmxxdzp";
> >| type="multipart/alternative"
> >|
> >| --pibhouqmxxdzp
> >| Content-Type: multipart/alternative;
> >| boundary="tdscmxtsbafppu"
> >|
> >| --tdscmxtsbafppu
> >| Content-Type: text/plain
> >| Content-Transfer-Encoding: quoted-printable
> >|
> >| Microsoft Partner
> >|
> >| this is the latest version of security update, the
> >| "September 2003, Cumulative Patch" update which
> resolves
> >| all known security vulnerabilities affecting
> >| MS Internet Explorer, MS Outlook and MS Outlook
> Express.
> >| Install now to protect your computer
> >| from these vulnerabilities, the most serious of which
> >| could
> >| allow an attacker to run code on your system.
> >| This update includes the functionality =
> >| of all previously released patches.
> >|
> >| System requirements: Windows 95/98/Me/2000/NT/XP
> >| This update applies to:
> >| - MS Internet Explorer, version 4.01 and later
> >| - MS Outlook, version 8.00 and later
> >| - MS Outlook Express, version 4.01 and later
> >|
> >| Recommendation: Customers should install the patch =
> >| at the earliest opportunity.
> >| How to install: Run attached file. Choose Yes on
> >| displayed dialog box.
> >| How to use: You don't need to do anything after
> >| installing this item.
> >|
> >|
> >| Microsoft Product Support Services and Knowledge Base
> >| articles =
> >| can be found on the Microsoft Technical Support web
> site.
> >| http://support.microsoft.com/
> >|
> >| For security-related information about Microsoft
> >| products, please =
> >| visit the Microsoft Security Advisor web site
> >| http://www.microsoft.com/security/
> >|
> >| Thank you for using Microsoft products.
> >|
> >| Please do not reply to this message.
> >| It was sent from an unmonitored e-mail address and we
> are
> >| unable =
> >| to respond to any replies.
> >|
> >| ----------------------------------------------
> >| The names of the actual companies and products
> mentioned =
> >| herein are the trademarks of their respective owners.
> >| Copyright 2003 Microsoft Corporation.
> >|
> >|
> >.
> >

Greetings --

What you received is either a very common malicious hoax or the
output of a computer infected by one of several well-known,
wide-spread, mass emailing worms. The most widely-known are:

W32.Gibe_mm


W32.Dumaru_mm


W32.Swen.A_mm


Microsoft never has, does not currently, and never will email
unsolicited security patches. At the most, if, and only if, you
subscribe to their security notification newsletter, they will send
you an email informing you that a new patch is available for
downloading.

Microsoft Policies on Software Distribution
http://www.microsoft.com/technet/treeview/?url=/technet/security/policy/swdist.asp

Information on Bogus Microsoft Security Bulletin Emails
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/patch_hoax.asp

Any and all legitimate patches and updates are readily available
at http://windowsupdate.microsoft.com/. (Notice that this is the true
URL, rather than the bogus one that may have been contained in the
email you received.) Any messages that point to any other source(s) or
claim to have the patch attached are bogus.


Bruce Chambers

--
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH


"Jamie Kitson" > wrote in message
...
> Hey,
>
> I have been getting e-mails recently, apparently from
> microsoft support, asking me to run the attachement -
> INSTALLATION7.EXE
>
> I am guessing this is some kind of spam/virus/hack... is
> it well known?
>
> Thanks, Jamie Kitson
>
> mail follows:
>
> X-From_: Fri Sep 19 18:23:03 2003
> Return-path: >
> Envelope-to:
> Delivery-date: Fri, 19 Sep 2003 18:23:03 +0100
> Received: from [216.183.118.172] (helo=mail02.arrival.net)
> by imailm1.svr.pol.co.uk with smtp (Exim 4.14)
> id 1A0OyD-0006ca-Ki
> for ; Fri, 19 Sep 2003
> 18:23:01 +0100
> Received: (qmail 4919 invoked from network); 19 Sep 2003
> 17:07:58 -0000
> Received: from unknown (HELO vmuvk) (66.17.4.90)
> by 0 with SMTP; 19 Sep 2003 17:07:58 -0000
> FROM: "Microsoft Corporation Public Services"
> >
> TO: "Partner" >
> SUBJECT: Network Critical Update
> Mime-Version: 1.0
> Content-Type: multipart/mixed; boundary="omlsragxdfrv"
> Message-Id: <E1A0OyD-0006ca-Ki.2003-09-19-18-23-
> >
> Date: Fri, 19 Sep 2003 18:23:01 +0100
> X-Spam-Status: No, hits=0.1 required=4.5
> tests=MICROSOFT_EXECUTABLE,MIME_HTML_NO_CHARSET
> version=2.55
> X-Spam-Level:
> X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-
> 2003-05-19-exp)
>
> --omlsragxdfrv
> Content-Type: multipart/related; boundary="pibhouqmxxdzp";
> type="multipart/alternative"
>
> --pibhouqmxxdzp
> Content-Type: multipart/alternative;
> boundary="tdscmxtsbafppu"
>
> --tdscmxtsbafppu
> Content-Type: text/plain
> Content-Transfer-Encoding: quoted-printable
>
> Microsoft Partner
>
> this is the latest version of security update, the
> "September 2003, Cumulative Patch" update which resolves
> all known security vulnerabilities affecting
> MS Internet Explorer, MS Outlook and MS Outlook Express.
> Install now to protect your computer
> from these vulnerabilities, the most serious of which
> could
> allow an attacker to run code on your system.
> This update includes the functionality =
> of all previously released patches.
>
> System requirements: Windows 95/98/Me/2000/NT/XP
> This update applies to:
> - MS Internet Explorer, version 4.01 and later
> - MS Outlook, version 8.00 and later
> - MS Outlook Express, version 4.01 and later
>
> Recommendation: Customers should install the patch =
> at the earliest opportunity.
> How to install: Run attached file. Choose Yes on
> displayed dialog box.
> How to use: You don't need to do anything after
> installing this item.
>
>
> Microsoft Product Support Services and Knowledge Base
> articles =
> can be found on the Microsoft Technical Support web site.
> http://support.microsoft.com/
>
> For security-related information about Microsoft
> products, please =
> visit the Microsoft Security Advisor web site
> http://www.microsoft.com/security/
>
> Thank you for using Microsoft products.
>
> Please do not reply to this message.
> It was sent from an unmonitored e-mail address and we are
> unable =
> to respond to any replies.
>
> ----------------------------------------------
> The names of the actual companies and products mentioned =
> herein are the trademarks of their respective owners.
> Copyright 2003 Microsoft Corporation.
>
>