anybody else get this?



Status
Not open for further replies.
M

Michael Paul

Guest
and I know you did 'cuz I can see your names in the address line. I had to have gotten it from here
since this is the only place that particular e-mail addy is posted.

just be aware. I can see how the uninitiated may actually open the attachment, but do any of us ever
actually open an EXE file from somebdody we've never met?

Internet header: Return-path: <[email protected]> Received: from ms-mta-01.socal.rr.com
(ms-mta-01-smtp.socal.rr.com [10.10.4.125]) by ms-mss-03.socal.rr.com (iPlanet Messaging Server 5.2
HotFix 1.12 (built Feb 13 2003)) with ESMTP id <[email protected]> for
mpaul%san.rr.com@ims-ms-daemon; Sun, 23 Mar 2003 15:16:57 -0800 (PST) Received: from
lamx01.mgw.rr.com (lamx01.mgw.rr.com [66.75.160.12]) by ms-mta-01.socal.rr.com (iPlanet Messaging
Server 5.2 HotFix 1.12 (built Feb 13 2003)) with ESMTP id <[email protected]>
for [email protected] (ORCPT [email protected]); Sun, 23 Mar 2003 15:05:24 -0800 (PST) Received: from
ma10602.mission.com.au ([61.88.6.104]) by lamx01.mgw.rr.com (8.12.5/8.12.5) with SMTP id
h2NNEmAk009640; Sun, 23 Mar 2003 18:14:50 -0500 (EST)

-----Original Message----- From: Fatima Cufurovic [mailto:[email protected]] Sent: Sunday,
March 23, 2003 3:10 PM Subject: Check out these patch which came from Microsoft.

***********************
A virus (WORM_GIBE.B) was detected in the file (q166380.exe). Action taken = remove
***********-***********

Microsoft Consumer

this is the latest version of security update, the "March 2003, Cumulative Patch" update which
eliminates all known security vulnerabilities affecting Internet Explorer, Outlook and Outlook
Express as well as five newly discovered vulnerabilities. Install now to protect your computer from
these vulnerabilities, the most serious of which could allow an attacker to run executable on your
system. This update includes the functionality of all previously released patches.

System requirements: Win 9x/Me/2000/NT/XP

This update applies to: Microsoft Internet Explorer, version 4.01 and later Microsoft Outlook,
version 8.00 and later Microsoft Outlook Express, version 4.01 and later

Recommendation: Customers should install the patch at the earliest opportunity.

How to install: Run attached file. Click Yes on displayed dialog box.

How to use: You don't need to do anything after installing this item.

Microsoft Technical Support is available at http://support.microsoft.com/

For security-related information about Microsoft products, please visit the Microsoft Security
Advisor web site at http://www.microsoft.com/security

Contact us at http://www.microsoft.com/isapi/goregwiz.asp?target=/contactus/contactus.asp

Please do not reply to this message. It was sent from an unmonitored e-mail address and we are
unable to respond to any replies.

Thank you for using Microsoft products.

NOTICE The information contained in this electronic mail message is privileged and confidential, and
is intended only for use of the addressee. If you are not the intended recipient, you are hereby
notified that any disclosure, reproduction, distribution or other use of this communication is
strictly prohibited. If you have received this communication in error, please notify the sender by
reply transmission and delete the message without copying or disclosing it. Mission Australia has
implemented anti-virus software, and whilst all care is taken, it is the recipient's responsibility
to ensure that any attachments are scanned for viruses prior to use.
 
Michael Paul wrote:
> and I know you did 'cuz I can see your names in the address line. I had to have gotten it from
> here since this is the only place that particular e-mail addy is posted.
>
> just be aware. I can see how the uninitiated may actually open the attachment, but do any of us
> ever actually open an EXE file from somebdody we've never met?

Well, I can't since I use OS X, Solaris, or Linux. But if I was using Windows, no. That doesn't mean
plenty of others won't. This is the second version of this e-mail that I have seen, and, yes, I
received this one. I used to not get any spam in the account I use for Usenet but now I get at least
20 a day. One of these days I'll start obsfucating my reply address.

Greg

>
> Internet header: Return-path: <[email protected]> Received: from ms-mta-01.socal.rr.com
> (ms-mta-01-smtp.socal.rr.com [10.10.4.125]) by ms-mss-03.socal.rr.com (iPlanet Messaging Server
> 5.2 HotFix 1.12 (built Feb 13 2003)) with ESMTP id <[email protected]> for
> mpaul%san.rr.com@ims-ms-daemon; Sun, 23 Mar 2003 15:16:57 -0800 (PST) Received: from
> lamx01.mgw.rr.com (lamx01.mgw.rr.com [66.75.160.12]) by ms-mta-01.socal.rr.com (iPlanet Messaging
> Server 5.2 HotFix 1.12 (built Feb 13 2003)) with ESMTP id <[email protected]>
> for [email protected] (ORCPT [email protected]); Sun, 23 Mar 2003 15:05:24 -0800 (PST) Received:
> from ma10602.mission.com.au ([61.88.6.104]) by lamx01.mgw.rr.com (8.12.5/8.12.5) with SMTP id
> h2NNEmAk009640; Sun, 23 Mar 2003 18:14:50 -0500 (EST)
>
>
> -----Original Message----- From: Fatima Cufurovic [mailto:[email protected]] Sent: Sunday,
> March 23, 2003 3:10 PM Subject: Check out these patch which came from Microsoft.
>
>
>

--
"Destroy your safe and happy lives before it is too late, the battles we fought were long and hard,
just not to be consumed by rock n' roll..." - The Mekons
 
"Michael Paul" <[email protected]> wrote in message
news:[email protected]... <snip>

Yes I got it and traced the sender and hence the abuse address to which an email and complaint was
sent. The address was then added to blocked sender list and due to my home network security the
attachement was "nuked" as it entered my mail box.

Simon...........all fun and games.
 
"Michael Paul" <[email protected]> wrote in message
news:[email protected]...
> and I know you did 'cuz I can see your names in the address line. I had
to
> have gotten it from here since this is the only place that particular
e-mail
> addy is posted.
>
> just be aware. I can see how the uninitiated may actually open the attachment, but do any of us
> ever actually open an EXE file from somebdody we've never met?

You underestimate MY stupidity, for one.

It's probably from someone you elbowed off the trail during a race :)

Bill "hardly ever gets any spam (knock on kevlar)" S.
 
"Sorni" <[email protected]> wrote in message
news:[email protected]...
>
> "Michael Paul" <[email protected]> wrote in message
> news:[email protected]...
>
>
> You underestimate MY stupidity, for one.
>
> It's probably from someone you elbowed off the trail during a race :)
>
> Bill "hardly ever gets any spam (knock on kevlar)" S.
>
>

I would hope that you, with your English degree would even suspect something with a subject line
reading "check out these patch"

Michael "I've never elbowed anybody....................on purpose anyway" P
 
Yep....Microsoft has a bulletin posted about it....

http://www.microsoft.com/technet/treeview/?url=/technet/security/policy/swdi st.asp

Huston

"Michael Paul" <[email protected]> wrote in message
news:[email protected]...
> and I know you did 'cuz I can see your names in the address line. I had
to
> have gotten it from here since this is the only place that particular
e-mail
> addy is posted.
>
> just be aware. I can see how the uninitiated may actually open the attachment, but do any of us
> ever actually open an EXE file from somebdody we've never met?
>
> Internet header: Return-path: <[email protected]> Received: from ms-mta-01.socal.rr.com
> (ms-mta-01-smtp.socal.rr.com [10.10.4.125]) by ms-mss-03.socal.rr.com (iPlanet Messaging Server
> 5.2 HotFix 1.12 (built Feb 13 2003)) with ESMTP id <[email protected]> for
> mpaul%san.rr.com@ims-ms-daemon; Sun, 23 Mar 2003 15:16:57 -0800 (PST) Received: from
> lamx01.mgw.rr.com (lamx01.mgw.rr.com [66.75.160.12]) by ms-mta-01.socal.rr.com (iPlanet
> Messaging Server 5.2 HotFix 1.12 (built Feb 13 2003)) with ESMTP id
> <[email protected]> for
[email protected]
> (ORCPT [email protected]); Sun, 23 Mar 2003 15:05:24 -0800 (PST) Received: from
> ma10602.mission.com.au ([61.88.6.104]) by lamx01.mgw.rr.com (8.12.5/8.12.5) with SMTP id
> h2NNEmAk009640; Sun, 23 Mar 2003 18:14:50 -0500 (EST)
>
>
> -----Original Message----- From: Fatima Cufurovic [mailto:[email protected]] Sent: Sunday,
> March 23, 2003 3:10 PM Subject: Check out these patch which came from Microsoft.
>
>
>
> ***********************
> A virus (WORM_GIBE.B) was detected in the file (q166380.exe). Action taken
=
> remove ***********-***********
>
>
>
> Microsoft Consumer
>
> this is the latest version of security update, the "March 2003, Cumulative Patch" update which
> eliminates all known security vulnerabilities affecting Internet Explorer, Outlook and Outlook
> Express as well as five newly discovered vulnerabilities. Install now to protect your computer
> from these vulnerabilities, the most serious of which could allow an attacker to run executable on
> your system. This update includes the functionality of all previously released patches.
>
> System requirements: Win 9x/Me/2000/NT/XP
>
> This update applies to: Microsoft Internet Explorer, version 4.01 and later Microsoft Outlook,
> version 8.00 and later Microsoft Outlook Express, version 4.01 and later
>
> Recommendation: Customers should install the patch at the earliest opportunity.
>
> How to install: Run attached file. Click Yes on displayed dialog box.
>
> How to use: You don't need to do anything after installing this item.
>
> Microsoft Technical Support is available at http://support.microsoft.com/
>
> For security-related information about Microsoft products, please visit the Microsoft Security
> Advisor web site at http://www.microsoft.com/security
>
> Contact us at
>
http://www.microsoft.com/isapi/goregwiz.asp?target=/contactus/contactus.asp
>
>
> Please do not reply to this message. It was sent from an unmonitored e-mail address and we are
> unable to respond to any replies.
>
> Thank you for using Microsoft products.
>
>
>
> NOTICE The information contained in this electronic mail message is privileged
and
> confidential, and is intended only for use of the addressee. If you are
not
> the intended recipient, you are hereby notified that any disclosure, reproduction, distribution or
> other use of this communication is strictly prohibited. If you have received this communication in
> error, please
notify
> the sender by reply transmission and delete the message without copying or disclosing it. Mission
> Australia has implemented anti-virus software, and whilst all care is taken, it is the recipient's
> responsibility to ensure that any attachments are scanned for viruses prior to use.
 
On Sun, 23 Mar 2003 23:55:30 GMT, G.T. <[email protected]> wrote:

>
> Well, I can't since I use OS X, Solaris, or Linux. But if I was using Windows, no. That doesn't
> mean plenty of others won't. This is the second version of this e-mail that I have seen, and, yes,
> I received this one. I used to not get any spam in the account I use for Usenet but now I get at
> least 20 a day. One of these days I'll start obsfucating my reply address.
>
> Greg
>

Eschew obfuscation!
 
Status
Not open for further replies.