DEVON-L Archives

Archiver > DEVON > 2002-04 > 1019074833

From: Vicki Lindsay Thauvin <>
Subject: [ADMIN] Microsoft's Internet Security Update
Date: Wed, 17 Apr 2002 13:20:33 -0700

Hello Everyone,

I wanted to let you know that the mail which appears to come from Microsoft
with a subject line of "Internet Security Update" is spam as well as a virus.
Viruses are not dangerous without their attachments and RootsWeb does
not allow attachments to their lists; virus messages shouldn't reach
RootsWeb's lists. However, you may well receive the virus message,
complete with attachment, directly, perhaps (almost certainly
unknowingly) from someone who obtained your email address form a
DEVON-L message.

It is always better to be "safe than sorry" when dealing
with virus-infected email. With the "better to be safe than sorry" thought in
mind, you should always make sure you've installed the latest anti-virus
patch or upgrade from your vendor. It is a good idea, if possible, to
configure your computer/software to automatically check for updates on a
regular basis. For this particular virus - do not open the message.

This spam/virus message should not be making it to any RootsWeb mailing lists
as the Spam Poster shouldn't be subscribed to any RootsWeb list. The
Microsoft "Security" spam/virus I've seen have attachments which wouldn't get
through RootsWeb's mail list configuration, even if the Poster's address
happened to be subscribed to a list.

To err on the side of extreme caution, immediately delete any mail which
meets one or more of the criteria below:

From: "Microsoft Corporation Security Center" <>
To: "Microsoft Customer" <''>
Reply-To: <>

Here is a message directly from Microsoft's Security webpage regarding their
official processes for distributing upgrades or software patches:

"Microsoft never distributes software directly via e-mail. We
distribute software on physical media like CD ROMs and floppy disks.

We distribute upgrades via the Internet. When we do this, the software
will be available via our web site,, or
through our FTP site,

We occasionally send e-mail to customers to inform them that upgrades
are available. However, the e-mail will only provide links to the
download sites -- we will never attach the software itself to the
e-mail. The links will always lead to either our web site or our FTP
site, never to a third-party site.

We always use Authenticode to digitally sign our products and allow
you to ensure that they have not been tampered with.

If you receive an e-mail that claims to contain software from
Microsoft, do not run the attachment. The safest course of action is
to delete the mail altogether. If you would like to take additional
action, report the e-mail to the sender's Internet Service Provider.
Most ISPs provide an "abuse" userid for this purpose. "

As always, please follow the virus rule for the DEVON list:

Do not post messages about computer viruses to the list. (Anyone ignoring
this rule is liable to be automatically unsubscribed.) If you have a query or
information about a possible computer virus, send it directly to the list
owner, Vicki Lindsay Thauvin <> who will if appropriate
communicate its contents to the list.

The reason for this rule is simple - fear of viruses is such that any message
on the mailing list about a virus, even if the message is itself timely and
factually correct (something which is far from always the case), will lead to
a whole host of follow-up messages, often of dubious accuracy, which
themselves constitute a sort of virus, and annoy many subscribers.


Vicki Lindsay Thauvin
DEVON List Manager

This thread: