Update via e-mail

  • Question

    Today I received an e-mail from Microsoft saying that they are sending me an update and that I should run the attached file. Since this seems non-standard to me, I would like to find out whether this is something new from Microsoft or some scammer's prank? Thanks for the reply.

    Here is the e-mail:


    Dear Microsoft Customer,

    Please notice that Microsoft company has recently issued a Security Update for OS Microsoft Windows. The update applies to the following OS versions: Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millenium, Microsoft Windows XP, Microsoft Windows Vista.

    Please notice, that present update applies to high-priority updates category. In order to help protect your computer against security threats and performance problems, we strongly recommend you to install this update.

    Since public distribution of this Update through the official website http://www.microsoft.com would have result in efficient creation of a malicious software, we made a decision to issue an experimental private version of an update for all Microsoft Windows OS users.

    As your computer is set to receive notifications when new updates are available, you have received this notice.

    In order to start the update, please follow the step-by-step instruction:
    1. Run the file, that you have received along with this message.
    2. Carefully follow all the instructions you see on the screen.

    If nothing changes after you have run the file, probably in the settings of your OS you have an indication to run all the updates at a background routine. In that case, at this point the upgrade of your OS will be finished.

    We apologize for any inconvenience this back order may be causing you.


    Thank you,

    Steve Lipner
    Director of Security Assurance
    Microsoft Corp.

    Friday, 10 October 2008 22:42

Answers

  • Hi,

    first of all, WELL DONE, you can never be too vigilant. Yes, this is 101% a fraudulent e-mail. Neither MS nor any other reputable software vendor EVER sends an update by e-mail; they publish it on their https site and/or digitally sign it. Did the attachment arrive, or was it automatically removed (thankfully)? I would quite like to take a close look at it!

    Do you have a chance to look at the "source code" of the e-mail, i.e. where it came from (the header, the Received field)?

    MP

    ... added 11:00: so I got such an e-mail too; of course it was in spam. I altered MY OWN details; look at the highlighted parts. The mail comes from Russia and is sent via Yahoo. The attachment is fortunately (unfortunately?) missing. What more is there to say?


    Return-path: <7HJYPS0@yahoo.com>
    X-Spam-Checker-Version: SpamAssassin 3.1.8 (2007-02-13) on
     muj.server.intranet
    X-Spam-Level: *******
    X-Spam-Status: No, score=7.3 required=7.5 tests=BAYES_50,FORGED_RCVD_HELO,
     MDAEMON_DNSBL,MDAEMON_SPF_SOFTFAIL autolearn=no version=3.1.8
    Received: from net157.144.91-134.telemaxdom.ru (net157-134.ertelecom.ru [91.144.157.134])
     by server.cz (ns.server.cz)
     (MDaemon PRO v9.6.2)
     with ESMTP id 42-md50000023537.msg
     for <user@server.cz>; Fri, 10 Oct 2008 18:50:19 +0200
    Authentication-Results: ns.server.cz
     smtp.mail=7HJYPS0@yahoo.com; spf=softfail
    Authentication-Results: ns.server.cz
     header.from=securityassurance@microsoft.com; domainkeys=neutral (not signed); dkim=neutral (not signed)
    X-MDSPF-Result: softfail (ns.server.cz)
    Received-SPF: softfail (ns.server.cz: domain of transitioning 7HJYPS0@yahoo.com
     does not designate 91.144.157.134 as permitted sender)
     x-spf-client=MDaemon.PRO.v9.6.2
     receiver=ns.server.cz
     client-ip=91.144.157.134
     envelope-from=<7HJYPS0@yahoo.com>
     helo=net157.144.91-134.telemaxdom.ru

    X-MDDK-Result: neutral (ns.server.cz)
    X-MDDKIM-Result: neutral (ns.server.cz)
    Received: from [91.144.157.134] by c.mx.mail.yahoo.com; Fri, 10 Oct 2008 19:50:12 +0300
    Message-ID: <01c92b11$683c7200$869d905b@7HJYPS0>
    From: "Microsoft Update" <securityassurance@microsoft.com>
    To: <user@server.cz>
    Subject: Security Update for OS Microsoft Windows
    Date: Fri, 10 Oct 2008 19:50:12 +0300
    MIME-Version: 1.0
    Content-Type: multipart/mixed;
      boundary="----=_NextPart_000_0006_01C92B11.683C7200"
    X-Priority: 3
    X-MSMail-Priority: Normal
    X-Mailer: Microsoft Outlook Express 5.50.4963.1700
    X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4963.1700
    X-RBL-Warning: mail from 91.144.157.134 refused, see http://www.spamhaus.org
    X-Rcpt-To: user@server.cz
    X-MDRcpt-To: user@server.cz
    X-MDRemoteIP: 91.144.157.134
    X-Return-Path: 7HJYPS0@yahoo.com
    X-Envelope-From: 7HJYPS0@yahoo.com
    X-MDaemon-Deliver-To: user@server.cz
    X-Spam-Processed: ns.server.cz, Fri, 10 Oct 2008 18:50:20 +0200

    Saturday, 11 October 2008 8:47
    Moderator
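
Checks a mail administrator can run over headers like those quoted above, as an added example that is not part of the original thread: it compares the envelope sender with the visible From:, reads the SPF and DKIM verdicts, and compares the HELO name with the name in parentheses in the top Received line. The function names `domain` and `triage` are hypothetical, the sample is abridged from the post, and the code assumes the parenthesised name is the reverse-DNS name recorded by the receiving server.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Abridged from the headers quoted in the post above (line folding preserved).
RAW = """\
Return-path: <7HJYPS0@yahoo.com>
Received: from net157.144.91-134.telemaxdom.ru (net157-134.ertelecom.ru [91.144.157.134])
 by server.cz (ns.server.cz) with ESMTP id 42-md50000023537.msg
 for <user@server.cz>; Fri, 10 Oct 2008 18:50:19 +0200
Authentication-Results: ns.server.cz
 header.from=securityassurance@microsoft.com; domainkeys=neutral (not signed); dkim=neutral (not signed)
Received-SPF: softfail (ns.server.cz: domain of transitioning 7HJYPS0@yahoo.com
 does not designate 91.144.157.134 as permitted sender)
Received: from [91.144.157.134] by c.mx.mail.yahoo.com; Fri, 10 Oct 2008 19:50:12 +0300
From: "Microsoft Update" <securityassurance@microsoft.com>
Subject: Security Update for OS Microsoft Windows

"""

def domain(addr):
    """Lower-cased domain part of an address header value."""
    return parseaddr(addr)[1].rpartition("@")[2].lower()

def triage(raw):
    """Return findings that make the visible From: address untrustworthy."""
    msg = message_from_string(raw)
    findings = []
    env, frm = domain(msg.get("Return-Path", "")), domain(msg.get("From", ""))
    if env and frm and env != frm:
        findings.append(f"envelope sender domain {env} != From: domain {frm}")
    spf = (msg.get("Received-SPF", "").split() or ["none"])[0].lower()
    if spf != "pass":
        findings.append(f"SPF result is {spf}")
    auth = " ".join(msg.get_all("Authentication-Results", []))
    m = re.search(r"\bdkim=(\w+)", auth)
    dkim = m.group(1).lower() if m else "none"
    if dkim != "pass":
        findings.append(f"DKIM result is {dkim}")
    # Only the topmost Received: line was written by the recipient's own server.
    top = " ".join(msg.get_all("Received", [""])[0].split())
    hop = re.match(r"from (\S+) \((\S+) \[([\d.]+)\]\)", top)
    if hop and hop.group(1).lower() != hop.group(2).lower():
        findings.append(f"HELO {hop.group(1)} != rDNS {hop.group(2)} for {hop.group(3)}")
    return findings

if __name__ == "__main__":
    for finding in triage(RAW):
        print("-", finding)
```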

All replies

  • Hi, this is the header:

    From: Microsoft Update Center <securityassurance@microsoft.com>

    To: tomascibak@seznam.cz

    Subject: Security Update for OS Microsoft Windows

    Date: 10.10. 2008, 23:16 - yesterday at 23:16

    This is at the end of that e-mail:

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 7.1

    CG6FD184J1GTK6EGGV3RU92A0EC472LVLS1LPBKTOER16BVJJ0KC6QL67VZQBUPK6
    DH3094QPGT13AM7OM75SK8KNDPM8P0EH74HJOPYM150V1F0Y96BW3K0KSKCMRQ8QB
    LPG22P3Z4J7M73MAKCK83AMTA8X4S3A9ARSP86IED5EUJVUAXVLO9EQ2N5YNPVF18
    H97BDJBY18TOAVP1QBY101233ZSMWQBRFBBCUSPC8H4JJYEUVXEDNGCXJ81QDE9QU
    6TRJ8RMN50XJVK6BI96P303VPRAZH55Z0DQ==
    -----END PGP SIGNATURE-----

    And this is the name of the update:

    KB557751.exe - 32,62 kB

    Unfortunately I am not yet that proficient with computers, so unfortunately there are some things I am not able to track down. Bye for now.

    Saturday, 11 October 2008 11:56
  • Could you please rename the "update" (obviously a virus!) from .exe to e.g. .exe_ and put it up somewhere? Uschovna, RS ...? Or rename it and send it to me (miroslav(at)pragl(dot)cz).

    D.

    MP

    P.S. No such hotfix exists, of course.

    Saturday, 11 October 2008 13:39
    Moderator
  • Hi, sorry, but I have already deleted it, so there is nothing more I can do about it. Bye for now. Thanks
    Sunday, 12 October 2008 18:30
  • Good day,

    the e-mail got through to me as well. Do you still want the attached exe?

    Lubos

    Tuesday, 14 October 2008 6:46
  • Yes, please :)

    MP

    Tuesday, 14 October 2008 7:58
    Moderator