[ISN] Virus poses as Microsoft security patch

From: InfoSec News (isnat_private)
Date: Tue Oct 01 2002 - 02:04:43 PDT

  • Next message: InfoSec News: "[ISN] FBI to release computer-security updates"

    By Matt Berger
    IDG News Service, 09/30/02 
    A virus posing as a security patch from Microsoft is circulating on
    the Internet, Microsoft confirmed Monday.
    The virus is being distributed in a hoax e-mail that advertises a
    patch for a series of vulnerabilities in Microsoft's Internet Explorer
    Web browser and Outlook software. The authentic patch for those flaws
    was actually released in February. Microsoft said that it has not
    updated the patch and that the e-mail is in fact fraudulent.
    The e-mail uses a Microsoft address and has the subject line "Internet
    Security Update." It tells users to immediately run an attached ".exe"  
    file with the name q216309.exe, which a Microsoft spokeswoman
    confirmed is a virus.
    A similar hoax e-mail was distributed in March carrying the
    W32.Gibe@mm worm, which installed a backdoor Trojan if opened that
    allowed remote access to a user's computer.
    The company first saw the e-mail early Monday after being alerted by
    IDG News Service and could not comment on how widely it may have been
    distributed. Microsoft is urging users to not run the attachment and
    referred users to information on its Web site about other hoax e-mail.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Tue Oct 01 2002 - 05:13:06 PDT