Virus: A bogus "Internet Security Pack" message which claims to include security patches for Microsoft Outlook and Internet Explorer harbors a malevolent worm.
Example:[Collected on the Internet, 2003]
this is the latest version of security update, the "March 2003, Cumulative Patch" update which eliminates all known security vulnerabilities affecting Internet Explorer, Outlook and Outlook Express as well as five newly discovered vulnerabilities. Install now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run executable on your system. This update includes the functionality of all previously released patches.
This update applies to
Microsoft Internet Explorer, version 4.01 and later
Microsoft Outlook, version 8.00 and later
Microsoft Outlook Express, version 4.01 and later
Customers should install the patch at the earliest opportunity.
How to install
Run attached file. Click Yes on displayed dialog box.
How to use
You don't need to do anything after installing this item.
Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact us.
Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies.
Thank you for using Microsoft products.
With friendly greetings,
Microsoft Corporation Internet Technical Assistance
Origins: The message quoted above has been spammed to countless Internet users, purporting in its header to offer an "Internet Security Pack" from the "Microsoft Corporation Internet Technical Assistance" to patch security holes in Microsoft's Outlook and Internet Explorer programs. It includes an attached executable file called q343871.exe (similar to the naming pattern used for real security updates issued by Microsoft), but the message is bogus and the attachment actually harbors the Leave worm.
Recipients can tell this is not a real Microsoft-issued security update because:
It is not mailed from a @microsoft.com e-mail address.
Neither the e-mail nor the attached "patch" is signed using the Microsoft Security Response Center’s PGP key.
Microsoft does not mail executables attached to their security updates; they send links to security bulletins posted on the Microsoft web site which include instructions on how to download the patches.
Information on Bogus Microsoft Security Bulletin (Microsoft)
David Mikkelson founded snopes.com in 1994, and under his guidance the company has pioneered a number of revolutionary technologies, including the iPhone, the light bulb, beer pong, and a vaccine for a disease that has not yet been discovered. He is currently seeking political asylum in the Duchy of Grand Fenwick.
Thank you for writing to us! Although we receive hundreds of e-mails every day, we really and truly read them all, and your comments, suggestions, and questions are most welcome. Unfortunately, we can manage to answer only a small fraction of our incoming mail.
Our site covers many of the items currently being plopped into inboxes everywhere, so if you were writing to ask us about something you just received, our search engine can probably help you find the very article you want.
Choose a few key words from the item you're looking for and click here to go to the search engine.
(Searching on whole phrases will often fail to produce matches because the text of many items is quite variable, so picking out one or two key words is the best strategy.)
We do reserve the right to use non-confidential material sent to us via this form on our site, but only after it has been stripped of any information that might identify the sender or any other individuals not party to this communication.