FAQ - Fake Microsoft Update Email


I received an email from Microsoft.com that said I needed to use the update patch right now but the email said the patch.exe was not delivered to my inbox. How do I patch my computer?


Virus Makers send spam that pretends to be from Microsoft. Some of the email carries an infected payload which our server strips from the message. Here is a recent example of one purporting to be from Microsoft. The bad grammer should be the #1 clue. The number 2 clue is that Microsoft does not send out email telling you to run updates.

In this case, our server caught and removed the virus. It added a text message in the body of the original email.

If you view all the header information, you will see that the Return Path says it is from admin@duma.gov.ru which is probably a fake address. On the other hand, the sending IP says it came from: from localhost (0-1pool59-252.nas4.billings1.mt.us.da.qwest.net []). Obviously, this is not from Microsoft.

Visit this document for instructions on the real way to run Microsoft Critical updates.


Did this document solve or help you with your problem?

Yes   No  

Category: Viruses and Security     Platform: Not Applicable
Document #: 786     Author: Cynthia Senicka    
Last Modified by: Joshua Moor on 06/12/2008