Break the Chain Patches? We Don't Need No Stinking Patches!

Created 9/30/2003 (9/30/2003) Some viruses are not only stunning examples of hacking and reverse engineering, they also demonstrate a phenomenon known as "social engineering," or preying on the inexperience of users to help their spread.

SAMPLE CHAIN LETTER TEXT

FROM: "Microsoft"
SUBJECT: Use this patch immediately !

Dear friend , use this Internet Explorer patch now!
There are dangerous virus in the Internet now!
More than 500.000 already infected!

patch.exe (Binary attachment)

END CHAIN LETTER TEXT

Another version comes cleverly formatted as an official-looking Microsoft web page and contains more descriptive text:

SAMPLE CHAIN LETTER TEXT

An official-looking notice

END CHAIN LETTER TEXT

These are not official notices from Microsoft (the poor grammar and spelling alone should have been red flags). In fact, rather than being a software patch to prevent the spread of viruses into and by your computer, the attachment is actually infected with a virus.

doteasy.com - free web hosting. Free hosting with no banners.
The Swen.A worm was unleashed on the Internet in mid-september, 2003. It exploits a security hole in Microsoft's Internet products to infect your PC and send copies of itself to others. It also propagates via peer-to-peer file sharing networks, Internet relay chat and news groups.

Its delivery method is particularly sinister. The official-looking notice, coupled with almost constant attention by the media to security flaws in Microsoft products, lead many otherwise skeptical people to believe this is really a patch.

The bottom line, however, is that Microsoft does not distribute software patches in this manner. They do have a patch that will prevent Swen-type infections, but you'll have to visit their Windows Update web site to get it - they won't send it to you.

The best way to keep viruses and worms out of your computer is to install anti-virus software and keep it updated regularly. Consult the references below for updates and instructions from the most popular packages (or to purchase a package, if you don't have one). Read "Protecting Your PC" in the Chain-Breaker's Library for more steps you can take to prevent unwanted intrusions on your data.

What Do You Think?

Category: Virus Warning
References: Microsoft Security Bulletin (MS01-020), Trend Micro, McAfee, Symantec (Norton), eTrust Antivirus, Sophos

HOME | Privacy & Copyright