[THIN] Re: Security Alert! Mspatch email worm

• From: "Pardee, Michael" <MPardee@xxxxxxxx>
• To: "'thin@xxxxxxxxxxxxx'" <thin@xxxxxxxxxxxxx>
• Date: Fri, 19 Sep 2003 12:14:24 -0400

It's mutating in to tons of names.  We've stopped 92 this morning and the
names are all over the place.  Attachments so far end in .exe and .com.

-----Original Message-----
From: Bruce Jarrett-Norton [mailto:bjarrett@xxxxxxxxxxxxxx] 
Sent: Friday, September 19, 2003 11:03 AM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Security Alert! Mspatch email worm


Now mutated in to install1.exe
Same virus same e-mail message.
Also, even if the user click no to not install it the virus is still
installed silently

Bruce Jarrett-Norton
Dart Energy Corporation
Desktop and Network Support Tech.
Mason, MI
ph: 517.244.8729
e-mail: bjarrett@xxxxxxxxxxxxxx
 
"I wonder how much deeper the ocean would be without sponges."
 



 
 
-----Original Message-----
From: Jim Kenzig http://thethin.net [mailto:jimkenz@xxxxxxxxxxxxxx] 
Sent: Friday, September 19, 2003 10:21 AM
To: thin@xxxxxxxxxxxxx; Windows2000@xxxxxxxxxxxxx
Subject: [THIN] Security Alert! Mspatch email worm


Hi Folks,
Tell your people to watch out for this one. It comes with an attachment
called Patch63.exe. Dont open it! Regards, Jim Kenzig http://thethin.net
http://OnDemandAccess.com



Return-Path: <thomas.correge@xxxxxxxxxx>
Received: from mwinf0801.wanadoo.fr (smtp1.wanadoo.fr [193.252.22.23])  by
trollope.concentric.net [Concentric SMTP MX 1.0]  id h8J7roU00854; Fri, 19
Sep 2003 03:53:50 -0400 (EDT)  [1-800-745-2747 The Concentric Network]
Errors-To: <thomas.correge@xxxxxxxxxx>
Received: from acckrgxe (AToulouse-105-2-2-14.w217-128.abo.wanadoo.fr
[217.128.11.14])
 by mwinf0801.wanadoo.fr (SMTP Server) with SMTP
 id 9A7651800120; Fri, 19 Sep 2003 09:52:58 +0200 (CEST)
From: "MS Security Services" <lanhocrljbr_smzep@xxxxxxxxxxxxxxxxxxxxx>
To: "Partner" <partner.zjrchgm@xxxxxxxxxxxxxxxxxxxxx>
SUBJECT: New Internet Critical Pack
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="jnugjaeujs"
Message-Id: <20030919075258.9A7651800120@xxxxxxxxxxxxxxxxxxxx>
Date: Fri, 19 Sep 2003 09:52:58 +0200 (CEST)

-----Original Message-----
From: MS Security Services [mailto:lanhocrljbr_smzep@xxxxxxxxxxxxxxxxxxxxx]
Sent: Friday, September 19, 2003 3:53 AM
To: Partner
Subject: New Internet Critical Pack


  Microsoft   All Products |  Support |  Search |  Microsoft.com Guide  
Microsoft Home   
 

MS Partner

this is the latest version of security update, the "September 2003,
Cumulative Patch" update which fixes all known security vulnerabilities
affecting MS Internet Explorer, MS Outlook and MS Outlook Express. Install
now to help protect your computer. This update includes the functionality of
all previously released patches. 


 System requirements Windows 95/98/Me/2000/NT/XP
 This update applies to MS Internet Explorer, version 4.01 and later MS
Outlook, version 8.00 and later MS Outlook Express, version 4.01 and later 
 RecommendationCustomers should install the patch at the earliest
opportunity.  How to installRun attached file. Choose Yes on displayed
dialog box.  How to useYou don't need to do anything after installing this
item.

Microsoft Product Support Services and Knowledge Base articles can be found
on the Microsoft Technical Support web site. For security-related
information about Microsoft products, please visit the Microsoft Security
Advisor web site, or Contact Us. 

Thank you for using Microsoft products.

Please do not reply to this message. It was sent from an unmonitored e-mail
address and we are unable to respond to any replies.


The names of the actual companies and products mentioned herein are the
trademarks of their respective owners. 

Contact Us  |  Legal  |  TRUSTe 
(c)2003 Microsoft Corporation. All rights reserved. Terms of Use  | Privacy
Statement |  Accessibility 
********************************************************
This Week's Sponsor:  ThinPrint
http://www.thinprint.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm
Email Confidentiality Notice: The information contained in this transmission
is confidential, proprietary or privileged and may be subject to protection
under the law, including the Health Insurance Portability and Accountability
Act (HIPAA).  The message is intended for the sole use of the individual or
entity to whom it is addressed.  If you are not the intended recipient, you
are notified that any use, distribution or copying of the message is
strictly prohibited and may subject you to criminal or civil penalties.  If
you received this transmission in error, please contact the sender
immediately by replying to this email and delete the material from any
computer.
********************************************************
This Week's Sponsor:  ThinPrint
http://www.thinprint.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm

Other related posts:

• » [THIN] Security Alert! Mspatch email worm
• » [THIN] Re: Security Alert! Mspatch email worm
• » [THIN] Re: Security Alert! Mspatch email worm
• » [THIN] Re: Security Alert! Mspatch email worm
• » [THIN] Re: Security Alert! Mspatch email worm
• » [THIN] Re: Security Alert! Mspatch email worm

1. Home
2. thin
3. Archive
4. 09-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---