If you got email from the “MS Corporation Network Security Center”, throw it away!
The email purports to be from Microsoft, has a Microsoft-like logo and nice-looking Windows XP-like logos. The hyperlinks all seem to connect to the right places — the TRUSTe link, for instance, does link to a real TRUSTe page certifying that Microsoft Corporation is a TRUSTe licensee. It has an attached executable that the email claims to be the “September 2003, Cumulative Patch” update which “fixes all known security vulnerabilities affecting MS Internet Explorer, MS Outlook and MS Outlook Express”.
It’s a virus. Microsoft is not in the habit of sending updates via email, they prefer to direct you to use “Windows Update” on your Start menu. Besides, their updates are never small enough to send via email anyway. The “from” address header is fake and comes from “msn.com” — MSN has nothing to do with patches.
Since my Apple Powerbook is my email machine and since Tucows’ mail server’s anti-virus software nabbed it anyway, I am unaffected. I thought I’d just pass a warning to all of you out there.