Thanks for warning folks! You know, if these fools would get a clue and use correct grammer, punctuation and spelling it wouldn't be so darned easy to tell that they are a bogus attempt by illiterate idiots at getting folks to infect their computers. My opinion of virus and worm writers' intelligence is pretty much always backed up by their stupidity when it comes to attempting to copy legitimate websites. They invariably use half sentences, don't capitalize the first word in a sentence or say something utterly alien to English phraseolgy (if that's even a word) (Well, I never said I was *that* smart) ;) The problem is, it's really easy for folks to blast through a quick scan of something and miss all those little details and then think it's legitimate. So, keep an eye out and really read things carefully is my advice before clicking on anything. You did the smart thing by going to the horses mouth and checking for updates on your own. I always send out warnings to my users when these kinds of things come out and, generally, we've been pretty lucky because with a bit of forewarning, they stop a minute and then decide they should check with me first before doing drastic things. So far, (knock on wood) I've only had one staff member execute the patch. She was so scared afterwards, she called me immediately and I had her unplug from the network until I got there with all the fixes. It still took me a good hour to get the junk off her machine and make it all well again. One good thing came out of it...she'll never click on any executable again. She was pretty mortified that she actually was had so that alone was worth it in my opinion. No reproachment from me could do it better than that hands on experience. So, see, good can come out of all situations if one looks deep enough. That's one less staff member I ever have to worry about doing something they shouldn't. :) Ya'll be careful out there! Kat "Most people don't pay attention to the calm voice of reason unless it's juxtaposed by screaming idiots on either side of the fence." -----Original Message----- From: pctechtalk-bounce@xxxxxxxxxxxxx [mailto:pctechtalk-bounce@xxxxxxxxxxxxx] On Behalf Of TechRose@xxxxxxxxxxxxxx Sent: Tuesday, September 23, 2003 2:31 PM To: pctechtalk@xxxxxxxxxxxxx Subject: -=PCTechTalk=- Microsoft Update` I just want to warn everyone. Be careful as this email looks like the real thing! I just got an email supposedly from Microsoft that was sooooo convincing looking. It used their colors..had links to their website and all! I clicked on the links..and they looked like they went to the real site..but we know you can put a like to a real site in an email. I used my IE and went to the Microsoft Update and there were no available updates for my system as I had them all. This is the most real looking email I have ever received that I KNOW cannot be real! lt was a security update with an .exe file attached that was 106kb It was Patch68.exe Rose Las Vegas Here is the contents of the email ------------------------------------------------------ Microsoft Client this is the latest version of security update, the "September 2003, Cumulative Patch" update which eliminates all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express as well as three newly discovered vulnerabilities. Install now to protect your computer from these vulnerabilities, the most serious of which could allow an attacker to run executable on your system. This update includes the functionality of all previously released patches. System requirements Windows 95/98/Me/2000/NT/XP This update applies to MS Internet Explorer, version 4.01 and later MS Outlook, version 8.00 and later MS Outlook Express, version 4.01 and later Recommendation Customers should install the patch at the earliest opportunity. How to install Run attached file. Choose Yes on displayed dialog box. How to use You don't need to do anything after installing this item. Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact Us. Thank you for using Microsoft products. Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies. ------------------------------------------------------------------------ -- The names of the actual companies and products mentioned herein are the trademarks of their respective owners. Contact Us | Legal | TRUSTe C2003 Microsoft Corporation. All rights reserved. Terms of Use | Privacy Statement | Accessibility To unsub or change your email settings: //www.freelists.org/webpage/pctechtalk To access our Archives: http://groups.yahoo.com/group/PCTechTalk/messages/ //www.freelists.org/archives/pctechtalk/ For more info: //www.freelists.org/cgi-bin/list?list_id=pctechtalk To unsub or change your email settings: //www.freelists.org/webpage/pctechtalk To access our Archives: http://groups.yahoo.com/group/PCTechTalk/messages/ //www.freelists.org/archives/pctechtalk/ For more info: //www.freelists.org/cgi-bin/list?list_id=pctechtalk