FAQ - Fake Microsoft Update Email

Problem:

I received an email from Microsoft.com that said I needed to use the update patch right now but the email said the patch.exe was not delivered to my inbox. How do I patch my computer?

Solution:

Virus Makers send spam that pretends to be from Microsoft. Some of the email carries an infected payload which our server strips from the message. Here is a recent example of one purporting to be from Microsoft. The bad grammer should be the #1 clue. The number 2 clue is that Microsoft does not send out email telling you to run updates.

In this case, our server caught and removed the virus. It added a text message in the body of the original email.


If you view all the header information, you will see that the Return Path says it is from admin@duma.gov.ru which is probably a fake address. On the other hand, the sending IP says it came from: from localhost (0-1pool59-252.nas4.billings1.mt.us.da.qwest.net [67.5.59.252]). Obviously, this is not from Microsoft.

Visit this document for instructions on the real way to run Microsoft Critical updates.

http://help.isu.edu/index.php?action=knowledgebase&catid=&docid=444

Did this document solve or help you with your problem?

Yes   No  

Category: Viruses and Security     Platform: Not Applicable
Document #: 786     Author: Cynthia Senicka    
Last Modified by: Joshua Moor on 06/12/2008