Okay this is for Sonny, Rockets2K, DoD, codell, and all the other IT guys that post on this BBS: I have been getting emails recently that say about installing a patch with an attachment that has ".exe" on the end of the file name. I have always thought that files with the ".exe" extension were bad files that caused viruses if clicked on. Here is the latest example of an email talking about this: Microsoft Consumer this is the latest version of security update, the "October 2003, Cumulative Patch" update which fixes all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three newly discovered vulnerabilities. Install now to protect your computer from these vulnerabilities, the most serious of which could allow an malicious user to run executable on your computer. This update includes the functionality of all previously released patches. System requirements Windows 95/98/Me/2000/NT/XP This update applies to MS Internet Explorer, version 4.01 and later MS Outlook, version 8.00 and later MS Outlook Express, version 4.01 and later Recommendation Customers should install the patch at the earliest opportunity. How to install Run attached file. Choose Yes on displayed dialog box. How to use You don't need to do anything after installing this item. Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact Us. Thank you for using Microsoft products. Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies. -------------------------------------------------------------------------------- The names of the actual companies and products mentioned herein are the trademarks of their respective owners. Contact Us | Legal | TRUSTe ©2003 Microsoft Corporation. All rights reserved. Terms of Use | Privacy Statement | Accessibility File: UPDATE.exe (140Kbytes) So, is this stuff legit or on the level or another damn virus/worm/trojan horse?
It's bad. Never, ever open an attachment that comes from Microsoft via e-mail. If you want a patch from MS, you have to go to their web site and download it. I've been getting tons of mail every day regarding new "MS" security patches. It's driving me crazy!
You shuold have an Anti virus on your computer and use it to scan the file you don't know about before you open it. That's the best advice.
I guarantee you that Microsoft will NEVER email you updates. If you have XP use the auto update feature or go here.
I know you already got your answer, but here is some more information straight from the horses mouth. They won't ever send any patches and such through e-mail. http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/policy/swdist.asp "If you receive an e-mail that claims to contain software from Microsoft, do not run the attachment. The safest course of action is to delete the mail altogether. If you would like to take additional action, report the e-mail to the sender's Internet Service Provider. Most ISPs provide an "abuse" userid for this purpose."
Nailed it! WORM_SWEN.A http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_SWEN.A As always, never open anything from someone you don't know, patch your computer and keep your anti-virus updated.
Thanks tolne57 and Sonny. So I take it that any file with the ".exe" extension on it is one to never open? Correct?
Well, an .exe extension means the file is a program. If you know what it is and where it came from you can open it. Just don't open them when the come as attachments to e-mail. While it's possible that a friend sends you something legitimate via e-mail (game.exe), unless you're expecting it, it's probably bad news. The kind of hacking these guys are doing is called Social Engineering. The viruses are just programs or scripts that do whatever it is they do. Not really any different than any other program or script (except they tend to do bad things). The trick is getting you to execute it. By posing as a MS Security patch or a picture of Anna Kournakova the virus writer is trying to get YOU to run their mallicious program.
Manny, never ever download an "update" file through email. Microsoft will NEVER send updates through email. The only way to get an update for Microsoft is to go to their Windows Update site. That email is not legit.
I know its a late reply but... Manny, never,ever under any circumstances just click and run any attachment you recieve. Keep your AV updated, and save the attachment to a special folder and run a full scan on it before even thinking about running it. and last thing, as has been stated above, MS will never under any circumstances send you a update. They expect you to come and get them...besides, that would take resources for someone at MS to setup the mass-mailer and if they arent prepared to take the time to make sure their products are secure, what makes you think they would be nice and help distribute patches to fix their buggy software. anywho..practive safe computing...dont open attachments without scanning them. If you have any doubt, do as you have done this time...ask for advice.
It s worth noting at this point...with the more current generation of virii, even if it comes from a friend...you cant trust it. For example, the last major virus that hit spoofed the sender's address and attached a file so that you would think that your friend had sent it....hoping to catch you offguard and make you activate the virus since it appeared to come from someone you trust. if you get a attachment from a friend...send them an email or call tem and ask if they really sent it.....and even then....scan it with as many AV programs as you can find....I personally use two different AVs to double check everything that comes in... I have never had a virus affect me while using this system.
Two questions that are a bit off topic, but were called to mind upon reading this thread... 1.) I was told that CC.net won't work in Linux internet browsers. Is this true in all cases or just some...or none? For instance, if you were to use Mozilla for Linux, would it work? 2.) My mouse keeps doing this thing where it jumps around the screen randomly. Does this just mean the mouse sucks or can it be as a result of an internal error of some sort? I don't want to get a new mouse and have it do the same thing, is there any way to know for sure? Thanks for any info.
dt, 1) cc.net works in Linux browsers. Mostof the time I will have windows open on my linux box while swiveling over to my other box to do some vid processing.. 2) first, clean the rollers in your mouse and make sure the surface you are using is clean. If that doesnt do the job, switch with another mouse(if you have one) and see if it does it also. They are so cheap, it really isnt anything to just go get another one.
