Results 1 to 12 of 12
  1. #1
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,585
    Thanks
    5
    Thanked 1,059 Times in 928 Posts

    Re: Viruses from Fake XP/IE Updates (Win XPP SP1 IE6SP1)

    Microsoft <span style="background-color: #FFFF00; color: #000000; font-weight: bold">NEVER</span hi> sends fixes by e-mail. If you see anything that claims to be a fix from Microsoft just delete it.

    Joe
    Joe

  2. #2
    Silver Lounger Bruce K's Avatar
    Join Date
    Apr 2002
    Location
    Phoenix, Arizona, USA
    Posts
    1,876
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Viruses from Fake XP/IE Updates (Win XPP SP1 IE6SP1)

    Hi, SMBP ~

    What Joe is saying is that you should disregard any such e-mail from MS as they never have and never will send e-mails for any fixes, patches or updates, period. That has and always will be their policy.

    And is possible, please, to perhaps consider making it routine to decrease the gargantuan size of your attachments by resizing to at least half? <img src=/S/please.gif border=0 alt=please width=31 height=23> Irfanview does this very easily in a snap. For your convenience, please see the IrfanView Resize/Resample tutorial

  3. #3
    Silver Lounger Bruce K's Avatar
    Join Date
    Apr 2002
    Location
    Phoenix, Arizona, USA
    Posts
    1,876
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Viruses from Fake XP/IE Updates (Win XPP SP1 IE6SP1)

    Hi, SMBP ~

    You may have overlooked a detail. What you are talking about are notifications and bulletins. You have never, ever received any fixes, patches or updates, period, nor will you. I hope I was able to help you to now realize the difference. <img src=/S/grin.gif border=0 alt=grin width=15 height=15>

    Yes, you certainly have posted scores of cropped screenshots, but most assuredly 99% of them are not actually reasonably reduced as proffered. If you are unable to reduce w/o distortion w/ Paint and you are adverse to Irfanview, then may I please suggest one of the other 20 or so screengrabbers you have within reach?

    It is not a matter of taking too much server real-estate or my sense of aesthetics, but rather the 786 x 525 behemoth not only breaks the lounge formatting, it consumes the entire F.O.V. I am at 1280x768...I can only imagine how the other Loungers w/ 800x600 may endure.

    This size below accomplishes your means and avoids all the aforementioned. Should you need any instruction, we would be happy to help. <img src=/S/smile.gif border=0 alt=smile width=15 height=15>

  4. #4
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Viruses from Fake XP/IE Updates (Win XPP SP1 IE6SP1)

    Gentlemen,

    I think there is some confusion here. This is from Microsoft Policies on Software Distribution
    <hr><big>Microsoft never distributes software directly via e-mail.</big>
    <UL><LI>We distribute software on physical media like CD ROMs and floppy disks.
    <LI>We distribute upgrades via the Internet. When we do this, the software will be available via our web site, http://www.microsoft.com, or through http://www.microsoft.com/downloads/search.asp?.
    <LI>We occasionally send e-mail to customers to inform them that upgrades are available. However, the e-mail will only provide links to the download sites -- we will never attach the software itself to the e-mail. The links will always lead to either our web site or our FTP site, never to a third-party site.
    <LI>We always use Authenticode to digitally sign our products and allow you to ensure that they have not been tampered with. [/list]If you receive an e-mail that claims to contain software from Microsoft, do not run the attachment. The safest course of action is to delete the mail altogether. If you would like to take additional action, report the e-mail to the sender's Internet Service Provider. Most ISPs provide an "abuse" userid for this purpose.<hr>
    So if you receive an e-mail claiming to be from Microsoft containing an update/patch/hotfix as an attachment, it must be fake.

  5. #5
    Plutonium Lounger Leif's Avatar
    Join Date
    Dec 2000
    Location
    U.K.
    Posts
    14,010
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Viruses from Fake XP/IE Updates (Win XPP SP1 IE6SP1)

    Defrag,

    Can you please edit your posts to:
    <UL><LI>reduce the size of, or remove your attachments - you have well over 200KB in this thread alone.

    <LI>remove any font colouring, particularly the blue. Anyone wishing to read *everything* you write, and who uses (for example) a blue skin, is going to have a harder time than normal.[/list]

  6. #6
    5 Star Lounger PaulB's Avatar
    Join Date
    May 2002
    Location
    Ottawa, Ontario
    Posts
    765
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Viruses from Fake XP/IE Updates (Win XPP SP1 I

    Hans, thanks for bringing some clarity to the party. In short, if any email purporting to be from MS contains an attached patch, be afraid... be very afraid.

    MS does provide emailed security notifications to those who subscribe to the service. All mailings are signed using PGP. The MS PGP public key is available for downloading at the site given by SMBP. The fingerprint provided by SMBP is used to authenticate this public key.

    BTW (to SMBP), you do not mention if you actually use PGP to authenticate the PGP signed emails from MS. An oversight?

    Cheers,
    Regards,
    PaulB

  7. #7
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Viruses from Fake XP/IE Updates (Win XPP SP1 IE6SP1)

    This is just a "heads-up" to look out for fake patches delivered as emails.
    There seems to be an increase the last two weeks of attempts to deliver viruses or worms under the guise of Microsoft updates for XP, IE, OE, and Outlook. One came from "support.microsoft.com"--one way to get to the Knowledge base, but not a way that Microsoft sends anything.

    Expanding the headers will show they obviously aren't from MS--and MS security is now sending PGP Keys with digital fingerprints if you get your patches from them.

    These fakes always have attachments--and I doubt anyone posting on the lounge is going to get sucked in--but someone in your home or friends might. They don't usually come on any email I've given to MS, MSN, or Passport, but they could--they come on an old msn newsgroup address frequently spammed before I put "no-spam" in it.

    The latest purports to be a "Network Security Pack" and its vague, phony wording as well as the header gives it away--and it is to apply to Win 9X through XP--which never occurs.

    Ed: Attachment removed by SMBP

    SMBP

  8. #8
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Viruses from Fake XP/IE Updates (Win XPP SP1 IE6SP1)

    Joe--
    The majority of their fixes are security fixes, and I find it convenient to get them from MS Security Bulletin Notification Service with digital P2P keys via email--these are all real--no attachments and links to TechNet security bulletins, and the Tech Net link is to a <span style="background-color: #FFFF00; color: #000000; font-weight: bold">real MS site</span hi>.

    Ed: Attachment Removed by SMBP

    SMBP

  9. #9
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Viruses from Fake XP/IE Updates (Win XPP SP1 IE6SP1)

    Bruce--

    __________________________________________________ ________________________
    "disregard any such e-mail from MS as they never have and never will send e-mails for any fixes, patches or updates, period. That has and always will be their policy"
    __________________________________________________ _____________________________

    This must be news to Microsoft's Security unit at Tech Net!!! They do and always have sent emails for patches, fixes, and updates period and if you left click right here you will land on their Product Security Notification site. Those emails I screen shot were precisely "such" emails from Technet for hotfixes and patches which were updates as well. They were all sent from Microsoft Technet's Hotfix and Security Bulletin Service to my inbox as posted.

    Take a minute to look at the links that you missed in the last post above.

    I've posted scores of screenshots, and 99% of them are reduced and they're all cropped. I'm not particularly fond of Irfranview--have about 20 screengrabbers that crop and resize, including Adobe's, and find it quicker and easier just to use 'ole Paint--basic low level tool that it is. All but the last two composites have been reasonably small relative to all the images I've seen and those two suffered from distortion if they were reduced in Paint --they're jpegs--are they taking too much server real-estate or do they just offend your aesthetic sensitivity? I'm aware of Irfranview, have been for some time, and saw your tutorial on it. But I don't particularly like some of its features for posting screenshots. "Gargantuan" seems to be one of your prodiguous collection of gargantuan verbage from The Grandiloquent Dictionary.

    Ed: Attachment removed by SMBP

    SMBP

  10. #10
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Viruses from Fake XP/IE Updates (Win XPP SP1 IE6SP1)

    "To subscribe to the Microsoft Security Notification Service, please visit the Microsoft Profile Center at...This is a free e-mail notification service that Microsoft uses to send information to subscribers about the security of Microsoft products." This is pasted directly from this Microsoft Security Bulletin Site and I have been getting my patches, hotfixes, and updates exclusively from here with a few exceptions via email just as was screenshot for over two years. Using this site by email avoids chronic Windows Update errors that MS can't seem to fix and has these advantages:

    1) Update says you need fixes you already have--and repeatedly annoys you to get them in error.
    2) Update's servers can be slow and erratic even on a fast cable broadband connection that is performing at the upper limits of what is possible.
    3) Update lacks the links, context, and info provided by this Technet mechanism.
    4) These are available in advance of their placement on Windows Update.
    5) Update sometimes just plain misses hotfixes and security patches.
    6) Update will sometimes say you have a later hotfix than the one proferred and don't need it when there is no later hotfix.
    7) These provide a more accurate and easily retrievable record than Update's erratic history--even when you "personalize" update.

    Further, I screenshot the header from the obvious fake and from the genuine Microsoft emailed hotfix to show the difference. If you look at them, those are from Microsoft's 'Eat Your Own Dogfood' Exchange 2003 servers with their genuine header. As I said before, each and every emailed patch has its own secure PGP key, or numbered matrix with a digital fingerprint: The key's fingerprint is 5E39 0633 D6B3 9788 F776 D980 AB7A 9432.

    You need not join Passport to subscribe to this service. So yes, they send every patch by email if you subscribe, I posted their authentic header contrasted with the fake; they are PGP signed to be authentic, and if you think I posted a fake Microsoft Tech Net site, you can call them toll free and verify the concept of emailing patches, hotfixes, updates. For the very few updates and downloads that aren't security, MS has several sites that list all their latest downloads for all their software in chronological order. You don't need to touch Windows Update to stay completely current.

    SMBP

  11. #11
    Gold Lounger
    Join Date
    Feb 2003
    Location
    Wardrobe Malfunction Junction, Derry
    Posts
    2,953
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Viruses from Fake XP/IE Updates (Win XPP SP1 IE6SP1)

    Hans and Paul--

    Here's what I hope clarifies this, because I really feel that since no one can deny that 99.9% of any patches, hotfixes, adjuncts, and service packs to XP, Office components, Outlook, or OE, are security fixes; and that the security service I linked to does travel by email--it never sends direct attachments, it is from Microsoft and authentic, and it in fact links you to the particular Technet bulletin that will then link you to a Microsoft site for the patch.

    You don't have to be very afraid to get those emails that I linked to--because any link in this thread from me was to a legitimate MS security site--and it does have the advantages over Windows Update which is erratic, and flat out wrong some of the times--and the foibles and chronic defects in Update have been well documented in the lounge the past year. You won't miss security updates with this service--you won't be hurt by a virus, or worm or a "blended threat".

    I do use the PGP keys provided, and of course this won't solve the other well-known oft discussed problem that some of these patches have conflicted with the OS, the browser, OE, or Outlook and caused slowing, erratic performance, or crashes. Only vigilance, reading some of the many newsletters like Woody's--CNet, Langa, MS Watch, ect or XP sites and waiting a bit to see how they play out will help that.

    Sorry to raise confusion. If you aren't subscribing to those services or some of the enterprise services MS is offering to take care of patching--I'm sure I never want to allow automatic patching which Microsoft has been pushing and I know Woody wouldn't--then of course don't touch an email purporting to be from/connected to MS. My purpose was to alert to just those kinds of emails-- the header in Bruce's screenshot is the legitimate MS header from the service-and to say I think there are some advantages to using the free notification service Paul is describing.

    Microsoft is never going to send you attachments for patches and updates directly as a general announcement that's for sure--I have gotten them from a specific person from Microsoft after talking with them by phone and/or email--and in the context of some of the newer KB's that offer hotfixes that haven't undergone regression analysis for specific problems--but that was after a phone conversation that it would be sent as an attachment from a specific person who could be verified at MS--and some of their meeting announcements have attachments which are often logos or part of the meeting announcement. You can always viral scan email, but that's not a guarantee something from the wild won't bite you.

    SMBP

  12. #12
    Super Moderator jscher2000's Avatar
    Join Date
    Feb 2001
    Location
    Silicon Valley, USA
    Posts
    23,112
    Thanks
    5
    Thanked 93 Times in 89 Posts

    Re: Viruses from Fake XP/IE Updates (Win XPP SP1 IE6SP1)

    And for the people who never read your warning, the solution is the attachment security built into Outlook and Outlook Express that everyone complains about. Malware that can't be executed can't hurt you.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •