Another Microsoft Patch scam

Found this in a mailbox this morning:





From - Tue Sep 27 15:27:43 2011

X-Account-Key: account2

X-UIDL: L5="!0UZ!!?;b"!l_4!!

X-Mozilla-Status: 0001

X-Mozilla-Status2: 00000000

X-Mozilla-Keys:

Return-Path:

X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on doctor.nl2k.ab.ca

X-Spam-Level:

X-Spam-Status: No, score=-5.0 required=5.0 tests=RCVD_IN_JMF_W

autolearn=unavailable version=3.3.2

X-Original-To: aboo@doctor.nl2k.ab.ca

Delivered-To: aboo@doctor.nl2k.ab.ca

Received: from localhost (localhost.nl2k.ab.ca [127.0.0.1])

by doctor.nl2k.ab.ca (Postfix) with ESMTP id 25CEF12CFA82

for ; Tue, 27 Sep 2011 15:27:15 -0600 (MDT)

X-Virus-Scanned: amavisd-new at doctor.nl2k.ab.ca

Received: from doctor.nl2k.ab.ca ([127.0.0.1])

by localhost (doctor.nl2k.ab.ca [127.0.0.1]) (amavisd-new, port 10024)

with ESMTP id hn2hFRmftre7 for ;

Tue, 27 Sep 2011 15:27:07 -0600 (MDT)

Received: from mail.commissionaires.ca (mail.commissionaires.ca [69.20.239.51])

(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))

(No client certificate requested)

by doctor.nl2k.ab.ca (Postfix) with ESMTPS id 77F0012CFA86

for ; Tue, 27 Sep 2011 15:26:46 -0600 (MDT)

Received: from SERVER (dsl78.188-3856.ttnet.net.tr [78.188.15.16] (may be forged))

(authenticated bits=0)

by mail.commissionaires.ca (8.13.8/8.13.8-) with ESMTP id p8RJ7gpO023174

(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO)

for ; Tue, 27 Sep 2011 16:45:28 -0400

List-Unsubscribe: <Unsubscribe>

From: "Microsoft-Canada.Inc"

Subject: Critical Update For Microsoft Firewall MS0098

To: aboo@doctor.nl2k.ab.ca

Content-Type: multipart/alternative; charset=UTF-8; boundary="AdEuAWViZ4UQwbQQdbrl5E34B=_5Sk4Nh9"

MIME-Version: 1.0

Date: Wed, 28 Sep 2011 00:13:41 +0300

Message-ID: <535200143063531@server.muhasebe.local>

X-UIDL: L5="!0UZ!!?;b"!l_4!!

X-Brightmail-Tracker: AAAAARkNecY=

X-Brightmail-Tracker: AAAAAA==



This is a multi-part message in MIME format



--AdEuAWViZ4UQwbQQdbrl5E34B=_5Sk4Nh9

Content-Type: text/plain; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Content-Disposition: inline



Dear Customer,



=20



Please notice that Microsoft has recently issued a Security Update for=

Microsoft Windows Firewall and Security Center.



=20



This Update is to prevent malicious users from getting access to your =

computer files by executing arbitary code on a new buffer overflow fou=

nd in the windows firewall process.



=20



This is an high-priority updates. In order to help protect your comput=

er against security threats and malicious code.



Please follow these instructions:



=20



1. Download the file from http://teamfix.x10.mx/SECURITY_FIX_5228.exe =





=20



2. Double-click on SECURITY_FIX_5228.exe to start the update.



3. Clique on Allow Access



=20



This is an Automated Message produced by Microsoft Canada Co., Please =

Do Not Reply



=20



Microsoft Team.



--AdEuAWViZ4UQwbQQdbrl5E34B=_5Sk4Nh9

Content-Type: text/html; charset="UTF-8"

Content-Transfer-Encoding: quoted-printable

Content-Disposition: inline










utf-8" />





Dear Customer,



 



Please notice that Microsoft has recently issued a Security U=

pdate for Microsoft Windows Firewall and Security Center.



 



This Update is to prevent malicious users from getting access=

to your computer files by executing arbitary code on a new buffer ove=

rflow found in the windows firewall process.



 



This is an high-priority updates. In order to help protect yo=

ur computer against security threats and malicious code.



Please follow these instructions:



 



1. Download the file from
p://teamfix.x10.mx/SECURITY_FIX_5228.exe">http://teamfix.x10.mx/SECURI=

TY_FIX_5228.exe



 



2. Double-click on SECURITY_FIX_5228.exe to start the updat=

e.



3. Clique on *Allow Access*



 



This is an Automated Message produced by Microsoft Canada C=

o., Please Do Not Reply



 



Microsoft Team.











--AdEuAWViZ4UQwbQQdbrl5E34B=_5Sk4Nh9--





Trackbacks

Trackback specific URI for this entry

This link is not meant to be clicked. It contains the trackback URI for this entry. You can use this URI to send ping- & trackbacks from your own blog to this entry. To copy the link, right click and select "Copy Shortcut" in Internet Explorer or "Copy Link Location" in Mozilla.

No Trackbacks

Comments

Display comments as Linear | Threaded

No comments

Add Comment

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA

Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA