[THIN] Re: Security Alert! Mspatch email worm

  • From: "Ryan Lambert" <rlambert@xxxxxxxxxxxxxxx>
  • To: <thin@xxxxxxxxxxxxx>
  • Date: Fri, 19 Sep 2003 12:28:53 -0400

w32.Swen, AKA w32.irritating.

I'm getting bombarded in my mailbox with them.

-----Original Message-----
From: Chris Lynch [mailto:lynch00@xxxxxxx] 
Sent: Friday, September 19, 2003 12:08 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Security Alert! Mspatch email worm

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

There are more than two emails.  I just checked my email this morning,
and
had about 10 messages, with different email subject's and also different
attachment names.  However, the attachments were stripped.

Chris 

- -----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf
Of Bruce Jarrett-Norton
Sent: Friday, September 19, 2003 8:03 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Security Alert! Mspatch email worm

Now mutated in to install1.exe
Same virus same e-mail message.
Also, even if the user click no to not install it the virus is still
installed silently

Bruce Jarrett-Norton
Dart Energy Corporation
Desktop and Network Support Tech.
Mason, MI
ph: 517.244.8729
e-mail: bjarrett@xxxxxxxxxxxxxx
 
"I wonder how much deeper the ocean would be without sponges."
 



 
 
- -----Original Message-----
From: Jim Kenzig http://thethin.net [mailto:jimkenz@xxxxxxxxxxxxxx]
Sent: Friday, September 19, 2003 10:21 AM
To: thin@xxxxxxxxxxxxx; Windows2000@xxxxxxxxxxxxx
Subject: [THIN] Security Alert! Mspatch email worm


Hi Folks,
Tell your people to watch out for this one. It comes with an attachment
called Patch63.exe. Dont open it!
Regards,
Jim Kenzig
http://thethin.net
http://OnDemandAccess.com



Return-Path: <thomas.correge@xxxxxxxxxx>
Received: from mwinf0801.wanadoo.fr (smtp1.wanadoo.fr [193.252.22.23])
 by trollope.concentric.net [Concentric SMTP MX 1.0]
 id h8J7roU00854; Fri, 19 Sep 2003 03:53:50 -0400 (EDT)
 [1-800-745-2747 The Concentric Network]
Errors-To: <thomas.correge@xxxxxxxxxx>
Received: from acckrgxe (AToulouse-105-2-2-14.w217-128.abo.wanadoo.fr
[217.128.11.14])
 by mwinf0801.wanadoo.fr (SMTP Server) with SMTP
 id 9A7651800120; Fri, 19 Sep 2003 09:52:58 +0200 (CEST)
From: "MS Security Services" <lanhocrljbr_smzep@xxxxxxxxxxxxxxxxxxxxx>
To: "Partner" <partner.zjrchgm@xxxxxxxxxxxxxxxxxxxxx>
SUBJECT: New Internet Critical Pack
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="jnugjaeujs"
Message-Id: <20030919075258.9A7651800120@xxxxxxxxxxxxxxxxxxxx>
Date: Fri, 19 Sep 2003 09:52:58 +0200 (CEST)

- -----Original Message-----
From: MS Security Services
[mailto:lanhocrljbr_smzep@xxxxxxxxxxxxxxxxxxxxx]
Sent: Friday, September 19, 2003 3:53 AM
To: Partner
Subject: New Internet Critical Pack


  Microsoft   All Products |  Support |  Search |  Microsoft.com Guide  
Microsoft Home   
 

MS Partner

this is the latest version of security update, the "September 2003,
Cumulative Patch" update which fixes all known security vulnerabilities
affecting MS Internet Explorer, MS Outlook and MS Outlook Express.
Install now to help protect your computer. This update includes the
functionality of all previously released patches. 


 System requirements Windows 95/98/Me/2000/NT/XP
 This update applies to MS Internet Explorer, version 4.01 and later
MS Outlook, version 8.00 and later
MS Outlook Express, version 4.01 and later 
 RecommendationCustomers should install the patch at the earliest
opportunity.
 How to installRun attached file. Choose Yes on displayed dialog box.
 How to useYou don't need to do anything after installing this item.

Microsoft Product Support Services and Knowledge Base articles can be
found on the Microsoft Technical Support web site. For security-related
information about Microsoft products, please visit the Microsoft
Security Advisor web site, or Contact Us. 

Thank you for using Microsoft products.

Please do not reply to this message. It was sent from an unmonitored
e-mail address and we are unable to respond to any replies.


The names of the actual companies and products mentioned herein are the
trademarks of their respective owners. 

Contact Us  |  Legal  |  TRUSTe 
(c)2003 Microsoft Corporation. All rights reserved. Terms of Use  |
Privacy Statement |  Accessibility 
********************************************************
This Week's Sponsor:  ThinPrint
http://www.thinprint.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0
Comment: Public PGP key for Chris Lynch

iQA/AwUBP2sp129fg+xq5T3MEQJ5nwCeKWoyIEcoW8BLmS7rcznwfS5kwKEAoJwE
tRXrd9f6doL7FHaaXCTFOC0I
=RG7L
-----END PGP SIGNATURE-----


********************************************************
This Week's Sponsor:  ThinPrint
http://www.thinprint.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
********************************************************
This Week's Sponsor:  ThinPrint
http://www.thinprint.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm

Other related posts:

  1. Home
  2. thin
  3. Archive
  4. 09-2003