w32.Swen, AKA w32.irritating. I'm getting bombarded in my mailbox with them. -----Original Message----- From: Chris Lynch [mailto:lynch00@xxxxxxx] Sent: Friday, September 19, 2003 12:08 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Security Alert! Mspatch email worm -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 There are more than two emails. I just checked my email this morning, and had about 10 messages, with different email subject's and also different attachment names. However, the attachments were stripped. Chris - -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Bruce Jarrett-Norton Sent: Friday, September 19, 2003 8:03 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] Re: Security Alert! Mspatch email worm Now mutated in to install1.exe Same virus same e-mail message. Also, even if the user click no to not install it the virus is still installed silently Bruce Jarrett-Norton Dart Energy Corporation Desktop and Network Support Tech. Mason, MI ph: 517.244.8729 e-mail: bjarrett@xxxxxxxxxxxxxx "I wonder how much deeper the ocean would be without sponges." - -----Original Message----- From: Jim Kenzig http://thethin.net [mailto:jimkenz@xxxxxxxxxxxxxx] Sent: Friday, September 19, 2003 10:21 AM To: thin@xxxxxxxxxxxxx; Windows2000@xxxxxxxxxxxxx Subject: [THIN] Security Alert! Mspatch email worm Hi Folks, Tell your people to watch out for this one. It comes with an attachment called Patch63.exe. Dont open it! Regards, Jim Kenzig http://thethin.net http://OnDemandAccess.com Return-Path: <thomas.correge@xxxxxxxxxx> Received: from mwinf0801.wanadoo.fr (smtp1.wanadoo.fr [193.252.22.23]) by trollope.concentric.net [Concentric SMTP MX 1.0] id h8J7roU00854; Fri, 19 Sep 2003 03:53:50 -0400 (EDT) [1-800-745-2747 The Concentric Network] Errors-To: <thomas.correge@xxxxxxxxxx> Received: from acckrgxe (AToulouse-105-2-2-14.w217-128.abo.wanadoo.fr [217.128.11.14]) by mwinf0801.wanadoo.fr (SMTP Server) with SMTP id 9A7651800120; Fri, 19 Sep 2003 09:52:58 +0200 (CEST) From: "MS Security Services" <lanhocrljbr_smzep@xxxxxxxxxxxxxxxxxxxxx> To: "Partner" <partner.zjrchgm@xxxxxxxxxxxxxxxxxxxxx> SUBJECT: New Internet Critical Pack Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="jnugjaeujs" Message-Id: <20030919075258.9A7651800120@xxxxxxxxxxxxxxxxxxxx> Date: Fri, 19 Sep 2003 09:52:58 +0200 (CEST) - -----Original Message----- From: MS Security Services [mailto:lanhocrljbr_smzep@xxxxxxxxxxxxxxxxxxxxx] Sent: Friday, September 19, 2003 3:53 AM To: Partner Subject: New Internet Critical Pack Microsoft All Products | Support | Search | Microsoft.com Guide Microsoft Home MS Partner this is the latest version of security update, the "September 2003, Cumulative Patch" update which fixes all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express. Install now to help protect your computer. This update includes the functionality of all previously released patches. System requirements Windows 95/98/Me/2000/NT/XP This update applies to MS Internet Explorer, version 4.01 and later MS Outlook, version 8.00 and later MS Outlook Express, version 4.01 and later RecommendationCustomers should install the patch at the earliest opportunity. How to installRun attached file. Choose Yes on displayed dialog box. How to useYou don't need to do anything after installing this item. Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact Us. Thank you for using Microsoft products. Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies. The names of the actual companies and products mentioned herein are the trademarks of their respective owners. Contact Us | Legal | TRUSTe (c)2003 Microsoft Corporation. All rights reserved. Terms of Use | Privacy Statement | Accessibility ******************************************************** This Week's Sponsor: ThinPrint http://www.thinprint.com ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm -----BEGIN PGP SIGNATURE----- Version: PGP 8.0 Comment: Public PGP key for Chris Lynch iQA/AwUBP2sp129fg+xq5T3MEQJ5nwCeKWoyIEcoW8BLmS7rcznwfS5kwKEAoJwE tRXrd9f6doL7FHaaXCTFOC0I =RG7L -----END PGP SIGNATURE----- ******************************************************** This Week's Sponsor: ThinPrint http://www.thinprint.com ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm ******************************************************** This Week's Sponsor: ThinPrint http://www.thinprint.com ********************************************************** Useful Thin Client Computing Links are available at: http://thethin.net/links.cfm For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thethin.net/citrixlist.cfm