Microsoft Security E-mail Spoofs with Malware

From: The Microsoft Security Response Center (MSRC)
http://blogs.technet.com/msrc/archiv...h-malware.aspx

We received some questions from customers about an e-mail that’s circulating that claims to be a
security e-mail from Microsoft. The e-mail comes with an attached executable, which it claims is the
latest security update, and encourages the recipient to run the attached executable so they can be
safe.

While malicious e-mails posing as Microsoft security notifications with
attached malware aren’t new
(we’ve seen this problem for several years) this particular one is a bit different in that it claims
to be signed by our own Steve Lipner and has what appears to be a PGP signature block attached to it.

While those are clever attempts to increase the credibility of the
mail, I can tell you categorically
that this is not a legitimate e-mail: it is a piece of malicious spam and the attachment is malware.
Specifically, it contains Backdoor:Win32/Haxdoor.
http://www.microsoft.com/security/po...:Win32/Haxdoor


Microsoft *** NEVER *** emails updates. *** NEVER ***


MowGreen [MVP 2003-2009]
===============
*-343-* FDNY
Never Forgotten
===============

Thank you so musch for your Love.
The best way to loss weight is selfhypnozis. But this is also most
dangerous way.
Also, you can take rimonabant and do lots of sports. I beleive in that,
if YOU BELEIVE THAT YOU CAN, then you actually WILL do!!!
tHANK YOU and be loved

cheers

'rimonabant tablet' (http://tinyurl.com/3qdesh)
'rimonabant diet' (http://tinyurl.com/4287lr)
'rimonabant diet pill' (http://tinyurl.com/4usste)
'rimonabant diet pills' (http://tinyurl.com/3n6mey)
'rimonabant drug' (http://tinyurl.com/4ahplo)

--
HTH
nass
---
http://www.nasstec.co.uk



"MowGreen [MVP]" wrote:

From: The Microsoft Security Response Center (MSRC)
http://blogs.technet.com/msrc/archiv...h-malware.aspx

We received some questions from customers about an e-mail that’s circulating that claims to be a
security e-mail from Microsoft. The e-mail comes with an attached executable, which it claims is the
latest security update, and encourages the recipient to run the attached executable so they can be
safe.

While malicious e-mails posing as Microsoft security notifications with
attached malware aren’t new
(we’ve seen this problem for several years) this particular one is a bit different in that it claims
to be signed by our own Steve Lipner and has what appears to be a PGP signature block attached to it.

While those are clever attempts to increase the credibility of the
mail, I can tell you categorically
that this is not a legitimate e-mail: it is a piece of malicious spam and the attachment is malware.
Specifically, it contains Backdoor:Win32/Haxdoor.
http://www.microsoft.com/security/po...:Win32/Haxdoor


Microsoft *** NEVER *** emails updates. *** NEVER ***


MowGreen [MVP 2003-2009]
===============
*-343-* FDNY
Never Forgotten
===============

As you can see, Murphy has made several references to Rimonabant (brand
name: Zimultri, produced by Sanofi-Adventis.) This may be a medication
Murphy is presently taking.

Rimonabant is an anti-obesity drug. If Murphy has a problem with
obesity, it's not hard to imagine why he is so enraged. He may even be
the victim of bullying (which may explain why he picks on people with
ethnic backgrounds.) No one deserves to be bullied, including Murphy.

But there's more. According to the Wikipedia: "Shortly after market
introduction, press reports and independent studies suggest that side
effects occur stronger and more commonly than shown by the manufacturer
in their clinical studies. Reports of severe depression are frequent."

Indeed, in its report dated June 13, 2007, the United States FDA was
aware that Rimonabant is associated with an increased risk of depression
and of suicidal thoughts even in those with no history of depression.

Of course, I don't know for a fact that Murphy is on Rimonabant. But he
does mention Rimonabant prominently. If I'm right, it means that Murphy
is suffering from the effects of his medication and deserves our support
to get help.

For me, that means I will no longer argue with him - that clearly won't
accomplish anything - but I do feel justified in setting the record
straight when he is impersonating me, although that rarely seems
necessary anymore.
---
Leonard Grey
Errare Humanum Est

nass [MVP] wrote:
Thank you so musch for your Love.
The best way to loss weight is selfhypnozis. But this is also most
dangerous way.
Also, you can take rimonabant and do lots of sports. I beleive in that,
if YOU BELEIVE THAT YOU CAN, then you actually WILL do!!!
tHANK YOU and be loved

cheers

'rimonabant tablet' (http://tinyurl.com/3qdesh)
'rimonabant diet' (http://tinyurl.com/4287lr)
'rimonabant diet pill' (http://tinyurl.com/4usste)
'rimonabant diet pills' (http://tinyurl.com/3n6mey)
'rimonabant drug' (http://tinyurl.com/4ahplo)

I am Leonard Grey.
Take NO notice of this imposter from windowsxp.general.
He is filthy slime, this fake Leonard Grey.
His name is NASS from

http://nastec.co.uk

--
---
Leonard Grey
Errare Humanum Est



"MowGreen [MVP]" wrote:

From: The Microsoft Security Response Center (MSRC)
http://blogs.technet.com/msrc/archiv...h-malware.aspx

We received some questions from customers about an e-mail that’s circulating that claims to be a
security e-mail from Microsoft. The e-mail comes with an attached executable, which it claims is the
latest security update, and encourages the recipient to run the attached executable so they can be
safe.

While malicious e-mails posing as Microsoft security notifications with
attached malware aren’t new
(we’ve seen this problem for several years) this particular one is a bit different in that it claims
to be signed by our own Steve Lipner and has what appears to be a PGP signature block attached to it.

While those are clever attempts to increase the credibility of the
mail, I can tell you categorically
that this is not a legitimate e-mail: it is a piece of malicious spam and the attachment is malware.
Specifically, it contains Backdoor:Win32/Haxdoor.
http://www.microsoft.com/security/po...:Win32/Haxdoor


Microsoft *** NEVER *** emails updates. *** NEVER ***


MowGreen [MVP 2003-2009]
===============
*-343-* FDNY
Never Forgotten
===============

Will circulate this to users in case it crops-up. They should have wised-up
to this kind of scam by now, but you never know..

"MowGreen [MVP]" wrote:

From: The Microsoft Security Response Center (MSRC)
http://blogs.technet.com/msrc/archiv...h-malware.aspx

Also see
http://blogs.technet.com/mmpc/archiv...customers.aspx
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/

MowGreen [MVP] wrote:
From: The Microsoft Security Response Center (MSRC)
http://blogs.technet.com/msrc/archiv...h-malware.aspx

We received some questions from customers about an e-mail that’s
circulating that claims to be a security e-mail from Microsoft. The
e-mail
comes with an attached executable, which it claims is the latest security
update, and encourages the recipient to run the attached executable so
they can be safe. While malicious e-mails posing as Microsoft security
notifications with
attached malware aren’t new
(we’ve seen this problem for several years) this particular one is a bit
different in that it claims to be signed by our own Steve Lipner and has
what appears to be a PGP signature block attached to it. While those are
clever attempts to increase the credibility of the
mail, I can tell you categorically
that this is not a legitimate e-mail: it is a piece of malicious spam and
the attachment is malware. Specifically, it contains
Backdoor:Win32/Haxdoor.
http://www.microsoft.com/security/po...:Win32/Haxdoor


Microsoft *** NEVER *** emails updates. *** NEVER ***


MowGreen [MVP 2003-2009]
===============
*-343-* FDNY
Never Forgotten
===============