A new mass-mailing virus is on the loose on the Internet, this one masquerading as a message from Microsoft Corp. about a cumulative security patch. Known as either Swen or Gibe, the virus is mainly found in Europe right now, but anti-virus experts say it has the potential to spread quickly and widely.

Like some other recent worms and viruses, Swen attempts to spread through several different methods, including peer-to-peer file sharing networks and IRC channels. It takes advantage of a two-year-old flaw in Microsoft Internet Explorer and is capable of automatically executing the infected attachment once the message is opened.

http://www.eweek.com/article2/0,4149,1273249,00.asp

looks like time to protect my computer (i really should good firewall :D ) anyway thanks for info!!

Hmm that sounds bad, good thing i am in the USA i got some time.

Snagged one off our mail servers for quarintined disection when I get bored later. The Attatchment "Paper Clip" indicator should be a first clue. Also the From: line says "MS Corporation Internet Security Center". Clue: Not "Microsoft Corporation".

Clue: So far, NONE have a Subject Line & To: line is "Customer".

NO reference to Knowledge Base Article number(s) (MSKB)

I have NEVER, EVER recieved a mass mailing from Microsoft with an attachment. EVER! Much less a security Update via email. Security Bulliten Notifications, Yes; updates with executables, Never!

If your A.V. Program didn't snag it: DELETE THIS MESSAGE IMMEDIATELY.

Take note of the poor grammer, punctuation & spelling in this snippet from the {Stripped of EXE} message body:

Microsoft Customer

this is the latest version of security update, the
"September 2003, Cumulative Patch" update which fixes
all known security vulnerabilities affecting
MS Internet Explorer, MS Outlook and MS Outlook Express.
Install now to helps protect your computar
from these vulnerabilities, the most serious of which could
allow an attacker to run executable on your computer.
This update includes the functionalitys =
of all previously released patches.

http://www.klboard.ath.cx/index.php?showtopic=68029