Patch383.exe a virus?

I just received an email that says it is from Microsoft and it has an attachment named patch383.exe. The email reads as follows:

Microsoft Customer

this is the latest version of security update, the "March 2003, Cumulative Patch" update which eliminates all known security vulnerabilities affecting Internet Explorer, Outlook and Outlook Express as well as five newly discovered vulnerabilities. Install now to protect your computer from these vulnerabilities, the most serious of which could allowan attacker to run executable on your system. This update includes the functionality of all previously released patches.

System requirements Win 9x/Me/2000/NT/XP
This update applies to Microsoft Internet Explorer,
version 4.01 and later
Microsoft Outlook, version 8.00 and later
Microsoft Outlook Express, version 4.01 and later

Recommendation Customers should install the patch at the earliest opportunity. How to install Run attached file. Click Yes on displayed dialog box. How to use You don't need to do anything after installing this item.

Microsoft Product Support Services and Knowledge Base articles can be found on the Microsoft Technical Support web site. For security-related information about Microsoft products, please visit the Microsoft Security Advisor web site, or Contact us.

Please do not reply to this message. It was sent from an unmonitored e-mail address and we are unable to respond to any replies.

Thank you for using Microsoft products.

With friendly greetings,
Microsoft Corporation Network Security Department

--------------------------------------------------------------------------------
©2003 Microsoft Corporation. All rights reserved. The names of the actual companies and products mentioned herein may be the trademarks of their respective owners.

---
Outgoing mail is certified Virus Free.
Checked by DrWeb32 anti-virus system
(http://www.drweb32.com).
Release Date: 10.3.2003


My virus checker didn't detect a virus in the attached file but I've never received an email from Microsoft right out of the blue (so to speak) and view this file as very suspicious.

Has anyone heard about this???

 

Jim,

I haven't heard of it and, like you, have never gotten an email from Microsoft about updates. I took a look on the Microsoft web site and only see a February patch, no March patch. Personally, I would just delete the email and go to Microsoft and download any updates/patches from there.

Mike

 

Looks like this one.

Daizy

 

Note: Microsoft DOES NOT send that sort of thing by email. So without even looking in Google I would feel safe in telling you that you got a joke from a half-clever author. Maybe a virus. Maybe something else. But not a legit update from M$.

And a careful look at the first paragraph indicates it was written by someone who does not write in English for a living.
"the most serious of which could allowan attacker to run executable on your system " for instance.

Plus the fact I've never heard of a single patch that is good for IE versions from 4 thru 6.

 

symantec calls the virus W32.Gibe.B@mm

the attached file name can be patch<random numbers>

per symantec, virus definitions to detect this threat were released on 2/25/03

it is also known as: WORM_GIBE.B [Trend], W32/Gibe.b@mm [McAfee], W32/Gibe-D [Sophos], I-Worm.Gibe.b [KAV], Win32.Gibe.B [CA]



mark

 

all your base are belong to us?

 

Some days I feel so invisible!

 

hiya daizy

now you made me go back and look harder... and i see that you already posted the symantec page.

sorry, daizy.

i think that when i scanned your linked posts, i saw "It didn't come from microsoft.. ", and i assumed you were linking to a mistersoftee kb article.

my bad.



mark

 

mr.mark
No problem, dear man.... you're right.....it does look like I linked to microsoft.

Daizy

 

Thanks y'all for the input. Email is now erased. Ain't it great to be able to communicate like this? Ya gotta love it!