Has anyone received any patch by e-mail from Microsoft?

Hello all!

I have received an e-mail with a “q648885.exe” attachment and this message:
"Microsoft User

this is the latest version of security update, the “September 2003, Cumulative Patch” update which resolves all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three newly discovered vulnerabilities. Install now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run executable on your system. This update includes the functionality of all previously released patches.

System requirements Windows 95/98/Me/2000/NT/XP
This update applies to MS Internet Explorer, version 4.01 and later
MS Outlook, version 8.00 and later
MS Outlook Express, version 4.01 and later
Recommendation Customers should install the patch at the earliest opportunity.
How to install Run attached file. Choose Yes on displayed dialog box.
How to use You don’t need to do anything after installing this item.

Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact Us.

Thank you for using Microsoft products.

Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies."

I’m thinking that this might be a virus. Did anyone get the same e-mail?
Best regards,

Lasagne

I’m not sure whether it’s a virus (I’m not an antivirus, that’s what they’re for), but do not run the attachment. As a rule of thumb, MS never sends any updates by email. Never.

I did, too, and not for the first time. We all know that Microsoft never sends updates as an attachment via Email.
In my case this attachment contained a virus which was immediately detected by avast¨4

regards

Martin

It’s new I-Worm:Swen (spreads via email/kazaa/irc/newsgroup network). When the virus is opened the first time, displays the number of infected computers: http://ww2.fce.vutbr.cz/bin/counter.gif/link=bacillus.

Hi there,

I tested avast (309-1) against swen.a and it didn’t find it. Don’t you have a signature for that worm yet?

Bye,
ts

Send the file to virus@avast.com, please (asap).

Thanks

Hi there,

you should have received an email recently. :slight_smile:

HTH,
ts :slight_smile:

BTW: There is a nice RRD graphing the hit-counter of the virus available at: http://yauw.de/stats/swen_a.cgi

Guys, the files you sent are detected with the latest VPS update (0309-01)… What’s wrong?

I recieved that thing more than ten times so far! :frowning:

But avast! is picking it up, right?

Vlk,

the computer I am sitting at today finds the virus. Could it be the today’s upgrade to 4.1.268?

The virus is recognized as ‘Swen.A’ when copied to the computer (just the attachment). The mail-proxy alerts on the email and cleans it without any problem.

Sorry for crying wolf…

Kind regards,
ts :slight_smile:

Yes, it’s the update. It’s there since yesterday 5:30pm (approximately)

???I am receiving this stupid infected email in droves!!! I configured avast to discard infected emails unconditionally, but it still alerts me and makes go through the motions of deleting it. Is there something I am doing wrong?

I am running windows xp, outlook xp.

thanks