If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
REMINDER!! Emails "from Microsoft"
People should be aware that Microsoft *never* sends updates or other
code, updates, fixes, etc., via email. If you get an email claiming to be from Microsoft that has an attachment of any kind (other than the ATxxxxx.HTM attachment that results from setting your reader to read in plain-text-only) it is a HOAX! It may or may not contain malicious payloads. As stated by MS itself in the following: * Microsoft will never attach software updates to our security e-mail notifications. Rather, we refer customers to our Web site for complete information on the software update or security incident. Most Microsoft software updates are provided through Microsoft Windows Update, Microsoft Office Update, or the Microsoft Download Center. This is a common scam for which Microsoft has long standing guidance available at http://www.microsoft.com/security/in...cate_mail.mspx. * In addition, as a best practice users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources. -- Gary S. Terhune MS MVP Shell/User |
#2
|
|||
|
|||
Excellent reminder Gary !
There are several Internet worms that masquerade as patches from Microsoft. The most common are; Swen, Dumaru, Gibe and Torvil. All AV companies and Microsoft are fully aware of this problem. All you can do is... 1. Keep your AV package up-to-date 2. Create email "rules" to auto-delete the offending messages 3. Petition your ISP to install AV software on their respective email servers. 4. Install *all* MS Critical Updates via the Windows Update web site. 5. Always munge your email address when posting to UseNet 6. If all else fails, Change your email address. -- Dave "Gary S. Terhune" wrote in message ... | People should be aware that Microsoft *never* sends updates or other | code, updates, fixes, etc., via email. If you get an email claiming to | be from Microsoft that has an attachment of any kind (other than the | ATxxxxx.HTM attachment that results from setting your reader to read in | plain-text-only) it is a HOAX! It may or may not contain malicious | payloads. As stated by MS itself in the following: | | * Microsoft will never attach software updates to our security | e-mail notifications. Rather, we refer customers to our Web site for | complete information on the software update or security incident. Most | Microsoft software updates are provided through Microsoft Windows | Update, Microsoft Office Update, or the Microsoft Download Center. This | is a common scam for which Microsoft has long standing guidance | available at | http://www.microsoft.com/security/in...cate_mail.mspx. | | * In addition, as a best practice users should always exercise | extreme caution when opening unsolicited attachments from both known and | unknown sources. | | -- | Gary S. Terhune | MS MVP Shell/User | | |
#3
|
|||
|
|||
As an added note, if you use Outlook Express 6 as you email client, you
should use the option found on the Read tab in Options to "Read in Plain-text only". While this will not prevent you from opening an attachment unadvisedly, it *will* stop potentially harmful payloads embedded in HTML from executing. Then you can do as I do and complain to *anybody* who send you HTML email. Or at least complain if the content isn't as easily readable in plain text as it is in HTML. -- Gary S. Terhune MS MVP Shell/User "David H. Lipman" wrote in message ... Excellent reminder Gary ! There are several Internet worms that masquerade as patches from Microsoft. The most common are; Swen, Dumaru, Gibe and Torvil. All AV companies and Microsoft are fully aware of this problem. All you can do is... 1. Keep your AV package up-to-date 2. Create email "rules" to auto-delete the offending messages 3. Petition your ISP to install AV software on their respective email servers. 4. Install *all* MS Critical Updates via the Windows Update web site. 5. Always munge your email address when posting to UseNet 6. If all else fails, Change your email address. -- Dave "Gary S. Terhune" wrote in message ... | People should be aware that Microsoft *never* sends updates or other | code, updates, fixes, etc., via email. If you get an email claiming to | be from Microsoft that has an attachment of any kind (other than the | ATxxxxx.HTM attachment that results from setting your reader to read in | plain-text-only) it is a HOAX! It may or may not contain malicious | payloads. As stated by MS itself in the following: | | * Microsoft will never attach software updates to our security | e-mail notifications. Rather, we refer customers to our Web site for | complete information on the software update or security incident. Most | Microsoft software updates are provided through Microsoft Windows | Update, Microsoft Office Update, or the Microsoft Download Center. This | is a common scam for which Microsoft has long standing guidance | available at | http://www.microsoft.com/security/in...cate_mail.mspx. | | * In addition, as a best practice users should always exercise | extreme caution when opening unsolicited attachments from both known and | unknown sources. | | -- | Gary S. Terhune | MS MVP Shell/User | | |
#4
|
|||
|
|||
Don't drive Lexuses (Lexi?) either:
http://www.infosecnews.com/news/inde...&newsType=News paste Mobile virus infects Lexus cars by David Quainton Lexus cars may be vulnerable to viruses that infect them via mobile phones. Landcruiser 100 models LX470 and LS430 have been discovered with infected operating systems that transfer within a range of 15 feet. "If infected mobile devices are scary, just thinking about an infected onboard computer..," said Eugene Kaspersky, head of anti-virus research at Russian firm Kaspersky. "We do know that car manufacturers are integrating existing operating systems into their onboard computers (take the Fiat and Microsoft deal, for instance)." It is understood the virus could affect the navigation system of the Lexus models, it transfers onto them via a Bluetooth mobile phone connection. It is still unclear which operating system the cars in question use. "At this stage it's still early but it just goes to show that technology has consequences," said David Emm, senior technology consultant at Kaspersky. "It's scary stuff." Vulnerable operating systems are increasingly moving onto a number of different devices. Last year the Slammer worm infected 13,000 Bank of America ATMs as a result of them moving to a Windows-based operating system. "I've even seen screenshots of major commercial aeroplanes with Windows 2000-based operating systems," said Mikko Hypponen, director of anti-virus research at Finnish firm F-Secure. "Cars are an obvious target for viruses. It's okay if you don't use the operating system for the engine and the brakes, but when you do..." Bill Gates is a known Lexus driver. In 1999 he auctioned one for charity. When contacted Lexus declined to comment. /paste -- ~PAÞ Gary S. Terhune wrote: People should be aware that Microsoft *never* sends updates or other code, updates, fixes, etc., via email. If you get an email claiming to be from Microsoft that has an attachment of any kind (other than the ATxxxxx.HTM attachment that results from setting your reader to read in plain-text-only) it is a HOAX! It may or may not contain malicious payloads. As stated by MS itself in the following: * Microsoft will never attach software updates to our security e-mail notifications. Rather, we refer customers to our Web site for complete information on the software update or security incident. Most Microsoft software updates are provided through Microsoft Windows Update, Microsoft Office Update, or the Microsoft Download Center. This is a common scam for which Microsoft has long standing guidance available at http://www.microsoft.com/security/in...cate_mail.mspx. * In addition, as a best practice users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources. |
#5
|
|||
|
|||
Brian Livingston dropped this interesting little tid-bit into my Inbox a
few minutes ago about anti-adware/spyware apps (scroll down a ways for the actual article.) http://windowssecrets.com/050127 Very interesting.... (Note the score of Giant, which is what MS bought for their new Anti-Spyware apps that's not in beta testing.) -- Gary S. Terhune MS MVP Shell/User "PA Bear" wrote in message ... Don't drive Lexuses (Lexi?) either: http://www.infosecnews.com/news/inde...&newsType=News paste Mobile virus infects Lexus cars by David Quainton Lexus cars may be vulnerable to viruses that infect them via mobile phones. Landcruiser 100 models LX470 and LS430 have been discovered with infected operating systems that transfer within a range of 15 feet. "If infected mobile devices are scary, just thinking about an infected onboard computer..," said Eugene Kaspersky, head of anti-virus research at Russian firm Kaspersky. "We do know that car manufacturers are integrating existing operating systems into their onboard computers (take the Fiat and Microsoft deal, for instance)." It is understood the virus could affect the navigation system of the Lexus models, it transfers onto them via a Bluetooth mobile phone connection. It is still unclear which operating system the cars in question use. "At this stage it's still early but it just goes to show that technology has consequences," said David Emm, senior technology consultant at Kaspersky. "It's scary stuff." Vulnerable operating systems are increasingly moving onto a number of different devices. Last year the Slammer worm infected 13,000 Bank of America ATMs as a result of them moving to a Windows-based operating system. "I've even seen screenshots of major commercial aeroplanes with Windows 2000-based operating systems," said Mikko Hypponen, director of anti-virus research at Finnish firm F-Secure. "Cars are an obvious target for viruses. It's okay if you don't use the operating system for the engine and the brakes, but when you do..." Bill Gates is a known Lexus driver. In 1999 he auctioned one for charity. When contacted Lexus declined to comment. /paste -- ~PAÞ Gary S. Terhune wrote: People should be aware that Microsoft *never* sends updates or other code, updates, fixes, etc., via email. If you get an email claiming to be from Microsoft that has an attachment of any kind (other than the ATxxxxx.HTM attachment that results from setting your reader to read in plain-text-only) it is a HOAX! It may or may not contain malicious payloads. As stated by MS itself in the following: * Microsoft will never attach software updates to our security e-mail notifications. Rather, we refer customers to our Web site for complete information on the software update or security incident. Most Microsoft software updates are provided through Microsoft Windows Update, Microsoft Office Update, or the Microsoft Download Center. This is a common scam for which Microsoft has long standing guidance available at http://www.microsoft.com/security/in...cate_mail.mspx. * In addition, as a best practice users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources. |
#6
|
|||
|
|||
Correction! "...that's NOW in beta testing."
-- Gary S. Terhune MS MVP Shell/User "Gary S. Terhune" wrote in message ... Brian Livingston dropped this interesting little tid-bit into my Inbox a few minutes ago about anti-adware/spyware apps (scroll down a ways for the actual article.) http://windowssecrets.com/050127 Very interesting.... (Note the score of Giant, which is what MS bought for their new Anti-Spyware apps that's not in beta testing.) -- Gary S. Terhune MS MVP Shell/User "PA Bear" wrote in message ... Don't drive Lexuses (Lexi?) either: http://www.infosecnews.com/news/inde...&newsType=News paste Mobile virus infects Lexus cars by David Quainton Lexus cars may be vulnerable to viruses that infect them via mobile phones. Landcruiser 100 models LX470 and LS430 have been discovered with infected operating systems that transfer within a range of 15 feet. "If infected mobile devices are scary, just thinking about an infected onboard computer..," said Eugene Kaspersky, head of anti-virus research at Russian firm Kaspersky. "We do know that car manufacturers are integrating existing operating systems into their onboard computers (take the Fiat and Microsoft deal, for instance)." It is understood the virus could affect the navigation system of the Lexus models, it transfers onto them via a Bluetooth mobile phone connection. It is still unclear which operating system the cars in question use. "At this stage it's still early but it just goes to show that technology has consequences," said David Emm, senior technology consultant at Kaspersky. "It's scary stuff." Vulnerable operating systems are increasingly moving onto a number of different devices. Last year the Slammer worm infected 13,000 Bank of America ATMs as a result of them moving to a Windows-based operating system. "I've even seen screenshots of major commercial aeroplanes with Windows 2000-based operating systems," said Mikko Hypponen, director of anti-virus research at Finnish firm F-Secure. "Cars are an obvious target for viruses. It's okay if you don't use the operating system for the engine and the brakes, but when you do..." Bill Gates is a known Lexus driver. In 1999 he auctioned one for charity. When contacted Lexus declined to comment. /paste -- ~PAÞ Gary S. Terhune wrote: People should be aware that Microsoft *never* sends updates or other code, updates, fixes, etc., via email. If you get an email claiming to be from Microsoft that has an attachment of any kind (other than the ATxxxxx.HTM attachment that results from setting your reader to read in plain-text-only) it is a HOAX! It may or may not contain malicious payloads. As stated by MS itself in the following: * Microsoft will never attach software updates to our security e-mail notifications. Rather, we refer customers to our Web site for complete information on the software update or security incident. Most Microsoft software updates are provided through Microsoft Windows Update, Microsoft Office Update, or the Microsoft Download Center. This is a common scam for which Microsoft has long standing guidance available at http://www.microsoft.com/security/in...cate_mail.mspx. * In addition, as a best practice users should always exercise extreme caution when opening unsolicited attachments from both known and unknown sources. |
#7
|
|||
|
|||
Bluetooth is worthless, imo because it can be easily cracked by hackers.
Walt Mossberg of the Wall Street Journal has reported problems with Bluetooth technology because hackers could break through it and steal address information and other personnel information. I for one will not use Bluetooth technology because of its vulnerabilities. "PA Bear" wrote in message ... : Don't drive Lexuses (Lexi?) either: : : http://www.infosecnews.com/news/inde...&newsType=News : : paste : Mobile virus infects Lexus cars : by David Quainton : : Lexus cars may be vulnerable to viruses that infect them via mobile phones. : Landcruiser 100 models LX470 and LS430 have been discovered with infected : operating systems that transfer within a range of 15 feet. : "If infected mobile devices are scary, just thinking about an infected : onboard : computer..," said Eugene Kaspersky, head of anti-virus research at Russian : firm Kaspersky. "We do know that car manufacturers are integrating existing : operating systems into their onboard computers (take the Fiat and Microsoft : deal, for instance)." : : It is understood the virus could affect the navigation system of the Lexus : models, it transfers onto them via a Bluetooth mobile phone connection. It : is : still unclear which operating system the cars in question use. : : "At this stage it's still early but it just goes to show that technology has : consequences," said David Emm, senior technology consultant at Kaspersky. : "It's scary stuff." : : Vulnerable operating systems are increasingly moving onto a number of : different devices. Last year the Slammer worm infected 13,000 Bank of : America : ATMs as a result of them moving to a Windows-based operating system. : : "I've even seen screenshots of major commercial aeroplanes with Windows : 2000-based operating systems," said Mikko Hypponen, director of anti-virus : research at Finnish firm F-Secure. "Cars are an obvious target for viruses. : It's okay if you don't use the operating system for the engine and the : brakes, : but when you do..." : : Bill Gates is a known Lexus driver. In 1999 he auctioned one for charity. : : When contacted Lexus declined to comment. : /paste : -- : ~PAÞ : : Gary S. Terhune wrote: : People should be aware that Microsoft *never* sends updates or other : code, updates, fixes, etc., via email. If you get an email claiming to : be from Microsoft that has an attachment of any kind (other than the : ATxxxxx.HTM attachment that results from setting your reader to read in : plain-text-only) it is a HOAX! It may or may not contain malicious : payloads. As stated by MS itself in the following: : : * Microsoft will never attach software updates to our security : e-mail notifications. Rather, we refer customers to our Web site for : complete information on the software update or security incident. Most : Microsoft software updates are provided through Microsoft Windows : Update, Microsoft Office Update, or the Microsoft Download Center. This : is a common scam for which Microsoft has long standing guidance : available at : http://www.microsoft.com/security/in...cate_mail.mspx. : : * In addition, as a best practice users should always exercise : extreme caution when opening unsolicited attachments from both known and : unknown sources. : |
#8
|
|||
|
|||
Thanks for the article, Gary. I found it very interesting. I use SpySweeper
by Webroot and have found it to be a great tool in helping me prevent spyware and adware infestations. I also use SpywareBlaster, Adaware and Spybot -- Search and Destroy. I recently upgraded my hardware firewalled D-Link router to a more secure hardware firewalled LinkSys 4-port router. I also use ZA Pro and was pleased that it was well received in the article. I was surprised the article did not say anything about E-Trust and its firewall and antivirus program. Also, I did not know that Giant Antispyware applications were so good and had actually never heard of Giant until Microsoft purchased them. Hopefully, Giant will be able to bring an excellent anti-spyware product to Microsoft after beta-testing is done. I am also looking forward to Microsoft entering the anti-virus arena and hope they will be able to excel at this field as well. Anyway, have a great night and we can "talk" back and forth on Friday. (AntiVir is my current antivirus program although that will change to E-trust soon) "Gary S. Terhune" wrote in message ... : Brian Livingston dropped this interesting little tid-bit into my Inbox a : few minutes ago about anti-adware/spyware apps (scroll down a ways for : the actual article.) : : http://windowssecrets.com/050127 : : Very interesting.... (Note the score of Giant, which is what MS bought : for their new Anti-Spyware apps that's not in beta testing.) : : -- : Gary S. Terhune : MS MVP Shell/User : : "PA Bear" wrote in message : ... : Don't drive Lexuses (Lexi?) either: : : : http://www.infosecnews.com/news/inde...&newsType=News : : paste : Mobile virus infects Lexus cars : by David Quainton : : Lexus cars may be vulnerable to viruses that infect them via mobile : phones. : Landcruiser 100 models LX470 and LS430 have been discovered with : infected : operating systems that transfer within a range of 15 feet. : "If infected mobile devices are scary, just thinking about an infected : onboard : computer..," said Eugene Kaspersky, head of anti-virus research at : Russian : firm Kaspersky. "We do know that car manufacturers are integrating : existing : operating systems into their onboard computers (take the Fiat and : Microsoft : deal, for instance)." : : It is understood the virus could affect the navigation system of the : Lexus : models, it transfers onto them via a Bluetooth mobile phone : connection. It : is : still unclear which operating system the cars in question use. : : "At this stage it's still early but it just goes to show that : technology has : consequences," said David Emm, senior technology consultant at : Kaspersky. : "It's scary stuff." : : Vulnerable operating systems are increasingly moving onto a number of : different devices. Last year the Slammer worm infected 13,000 Bank of : America : ATMs as a result of them moving to a Windows-based operating system. : : "I've even seen screenshots of major commercial aeroplanes with : Windows : 2000-based operating systems," said Mikko Hypponen, director of : anti-virus : research at Finnish firm F-Secure. "Cars are an obvious target for : viruses. : It's okay if you don't use the operating system for the engine and the : brakes, : but when you do..." : : Bill Gates is a known Lexus driver. In 1999 he auctioned one for : charity. : : When contacted Lexus declined to comment. : /paste : -- : ~PAÞ : : Gary S. Terhune wrote: : People should be aware that Microsoft *never* sends updates or other : code, updates, fixes, etc., via email. If you get an email claiming : to : be from Microsoft that has an attachment of any kind (other than the : ATxxxxx.HTM attachment that results from setting your reader to read : in : plain-text-only) it is a HOAX! It may or may not contain malicious : payloads. As stated by MS itself in the following: : : * Microsoft will never attach software updates to our : security : e-mail notifications. Rather, we refer customers to our Web site for : complete information on the software update or security incident. : Most : Microsoft software updates are provided through Microsoft Windows : Update, Microsoft Office Update, or the Microsoft Download Center. : This : is a common scam for which Microsoft has long standing guidance : available at : http://www.microsoft.com/security/in...cate_mail.mspx. : : * In addition, as a best practice users should always : exercise : extreme caution when opening unsolicited attachments from both known : and : unknown sources. : : |
#9
|
|||
|
|||
Gary, I am not trying to be unkind in saying this but Microsoft does send
hotfixes for 98SE through e-mail although Microsoft has never used attachments in the e-mail they send me. Also, I have always contacted Microsoft before they sent me an e-mail and it is always regards what I talked about to the tech. on the telephone; they use a web-link in the e-mail so I can download the hotfix. The e-mail includes a password in order to unlock the file that Microsoft sends you. AFAIK, this is how it is always done and if it is done differently in certain circumstances then feel free to correct me. "Gary S. Terhune" wrote in message ... : People should be aware that Microsoft *never* sends updates or other : code, updates, fixes, etc., via email. If you get an email claiming to : be from Microsoft that has an attachment of any kind (other than the : ATxxxxx.HTM attachment that results from setting your reader to read in : plain-text-only) it is a HOAX! It may or may not contain malicious : payloads. As stated by MS itself in the following: : : * Microsoft will never attach software updates to our security : e-mail notifications. Rather, we refer customers to our Web site for : complete information on the software update or security incident. Most : Microsoft software updates are provided through Microsoft Windows : Update, Microsoft Office Update, or the Microsoft Download Center. This : is a common scam for which Microsoft has long standing guidance : available at : http://www.microsoft.com/security/in...cate_mail.mspx. : : * In addition, as a best practice users should always exercise : extreme caution when opening unsolicited attachments from both known and : unknown sources. : : -- : Gary S. Terhune : MS MVP Shell/User : : |
#10
|
|||
|
|||
Excuse me, Dan, but that is precisely what the excerpts I quoted
suggested. They *don't* send any patches via email, just instructions for where and how to get them. -- Gary S. Terhune MS MVP Shell/User "Dan" wrote in message ... Gary, I am not trying to be unkind in saying this but Microsoft does send hotfixes for 98SE through e-mail although Microsoft has never used attachments in the e-mail they send me. Also, I have always contacted Microsoft before they sent me an e-mail and it is always regards what I talked about to the tech. on the telephone; they use a web-link in the so I can download the hotfix. The e-mail includes a password in order to unlock the file that Microsoft sends you. AFAIK, this is how it is always done and if it is done differently in certain circumstances then feel free to correct me. "Gary S. Terhune" wrote in message ... : People should be aware that Microsoft *never* sends updates or other : code, updates, fixes, etc., via email. If you get an email claiming to : be from Microsoft that has an attachment of any kind (other than the : ATxxxxx.HTM attachment that results from setting your reader to read in : plain-text-only) it is a HOAX! It may or may not contain malicious : payloads. As stated by MS itself in the following: : : * Microsoft will never attach software updates to our security : e-mail notifications. Rather, we refer customers to our Web site for : complete information on the software update or security incident. Most : Microsoft software updates are provided through Microsoft Windows : Update, Microsoft Office Update, or the Microsoft Download Center. This : is a common scam for which Microsoft has long standing guidance : available at : http://www.microsoft.com/security/in...cate_mail.mspx. : : * In addition, as a best practice users should always exercise : extreme caution when opening unsolicited attachments from both known and : unknown sources. : : -- : Gary S. Terhune : MS MVP Shell/User : : |
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Winzip woes~further | Rodney | General | 43 | February 4th 05 03:22 PM |
Microsoft Security Bulletin MS04-024 - Vulnerability in Windows Shell Could Allow Remote Code Execution (839645) | Gary S. Terhune | General | 2 | July 14th 04 05:06 AM |
Microsoft Security Bulletin MS04-023--Please Note! | Gary S. Terhune | General | 4 | July 14th 04 04:39 AM |
Please help! Display settings !! | Mitzi | Monitors & Displays | 12 | July 11th 04 05:19 AM |
MICROSOFT 97 | mary bran | Software & Applications | 1 | July 10th 04 11:12 PM |