StarDestroyer.Net BBS

Get your fill of sci-fi, science, and mockery of stupid ideas
http://stardestroyer.dyndns-home.com/

Scary shit from MSN (MUST READ)

http://stardestroyer.dyndns-home.com/viewtopic.php?f=24&t=28220

Page 1 of 1

Scary shit from MSN (MUST READ)

Posted: 2003-08-19 07:22am
by Hamel
This smells like total bullshit, and I have received no less than 5 emails in a row from this sender:

.NET Messenger Servi... Important Security Update for the .NET Messen... Aug 19 1k
.NET Messenger Servi... Important Security Update for the .NET Messen... Aug 19 1k
.NET Messenger Servi... Important Security Update for the .NET Messen... Aug 19 1k
.NET Messenger Servi... Important Security Update for the .NET Messen... Aug 18 1k
.NET Messenger Servi... Important Security Update for the .NET Messen... Aug 18 1k

-_-;



:
".NET Messenger Service Staff" <dot_net_msgr_svc@msgr.hotmail.com>

To :
ssj_jeffw(remove[protectagainstspambot])@hotmail.com

Subject :
Important Security Update for the .NET Messenger Service

Date :
Mon 18, Aug 2003

Reply Reply All Forward Delete Put in Folder...InboxSent MessagesDraftsTrash Can Printer Friendly Version


ATTENTION: IMMEDIATE ACTION REQUIRED FOR MSN AND WINDOWS MESSENGER USERS.

You are receiving this e-mail because you are a MSN Messenger or Windows
Messenger Service user.

As part of Microsoft's Trustworthy Computing initiative, Microsoft is
updating the .NET Messenger Service and providing you with an important
MSN Messenger or Windows Messenger security update.

If you are using MSN Messenger 5.0, Windows Messenger 4.7.2000, or MSN
Messenger for Mac 3.5, or any versions higher than these, you do NOT need
this security update. To find out which version you have, select the
'Help' menu in Messenger, then select 'About'. If you are using an older
version, or are not sure, please visit:
http://messenger.msn.com/Help/Upgrades.aspx
for an update.

NOTICE: If you are not using an updated version, you will be unable to
continue using your MSN Messenger or Windows Messenger Service.

Thank you for helping Microsoft further its commitment to helping you
protect your privacy and security online.

You can view the .NET Messenger Statement of Privacy at:
http://messenger.msn.com/Help/Privacy.aspx
and the .NET Messenger Service Terms of Use and Notices at:
http://messenger.msn.com/Help/Terms.aspx.

This is even scarier if legit. Microsoft's Trustworthy Computing? Isn't this the same shit they've been talking about pulling for a year now?

Posted: 2003-08-19 07:25am
by Brother-Captain Gaius
Got the same. I think I got like 6 or 7 though.

Posted: 2003-08-19 07:28am
by Hamel
I'm not downloading this update. I don't care if it blocks my MSN messenger access. These cocks don't specify what the upgrade is for!

Posted: 2003-08-19 07:35am
by Xon
Hmm, I smell bullshit.

Windows Messanger & MSN, etc all check for a new version as a part of their log in process. And will also tell you if there is any new updates while your online too. (Sometimes if they do a major update you cant complete the log in process without updating)

:edit:
Looks like those site links are legit, by why would MS send you an email? They can just use the auto-update service biult into MSN...

Posted: 2003-08-19 08:12am
by Gandalf
What would this do for me, being on Trillian?

Posted: 2003-08-19 08:20am
by Seggybop
Trillian will release a patch if they try to block access.

Posted: 2003-08-19 08:46am
by Hamel
I'm using Trillian as well, so I have no clue on how this will muck with me.

ggs wrote:Looks like those site links are legit, by why would MS send you an email? They can just use the auto-update service biult into MSN...
Yeah, and why would they send us 5 to 7 emails?

Posted: 2003-08-19 10:16am
by Pu-239
Didn't MS release the specs for the MSN protocol (for once they did a good thing (AOL hasn't))?

Posted: 2003-08-19 10:23am
by Pu-239
BTW it's probably bullshit.

Posted: 2003-08-19 10:27am
by Einhander Sn0m4n
What surprises me is that it didn't have something like 'Microsoft Windows Messenger Update.vbs' attached to it...

Posted: 2003-08-19 11:22am
by Faram
Strange shit that..

Did't see any updates for messenger at windowsupdate.

Gona DL that update and check out what it is.

Posted: 2003-08-19 11:47am
by Lord_Xerxes
Hax! The site is probably dressed to look like what it should, or the thinks are, but they direct you to somewhere evil. I got a messenge from Ebay once that looked legit, but was BS. And I smelled through it, because it was asking me to use my sign in/log in name and password in the email. I sent it to hte real Ebay's customer service thingy, and they determined it to be hax. What was surreal was that the reply to box still said an ebay reply addy, but according to the real ebay people, it was just a cover for the real reply-to so that the person could get my login info.

This smells like bs to me. I doubt they'd email you whne the program already indicates if an update is required. Let alone email you like 6 times. It's probably gonna send your login info to someone when you update and log in, or some nonsense. Pure hax!

Posted: 2003-08-19 12:00pm
by Faram
The file is OK signed with Microsofts signing key and so on, but according to that site I don't need the update so I am not installing it.

Posted: 2003-08-22 01:13pm
by phongn
This deserves a bump. Microsoft is going to phase out the old MSNIM protocol for various reasons, including password security. For example, the new protocol will use SSL to transmit your password, this securing it against people sniffing packets.

However, this does mean that older clients will be affected. Microsoft is going to require a license from third-party clients - of which the price, if any, is unknown. Trillian expects that they will get a license and implement the new protocol posthaste. GAIM does not know if they will be able to. Older versions of MSNIM that do not support MSNIMv8 will cease to function on 15 October.

Posted: 2003-08-22 01:22pm
by Einhander Sn0m4n
Lord_Xerxes wrote:Hax! The site is probably dressed to look like what it should, or the thinks are, but they direct you to somewhere evil. I got a messenge from Ebay once that looked legit, but was BS. And I smelled through it, because it was asking me to use my sign in/log in name and password in the email. I sent it to hte real Ebay's customer service thingy, and they determined it to be hax. What was surreal was that the reply to box still said an ebay reply addy, but according to the real ebay people, it was just a cover for the real reply-to so that the person could get my login info.

This smells like bs to me. I doubt they'd email you whne the program already indicates if an update is required. Let alone email you like 6 times. It's probably gonna send your login info to someone when you update and log in, or some nonsense. Pure hax!
You're exactly right. The proper term for this practice is 'phishing' (it sux when it happens, it's all the more shitty we have a name for it!)

BTW I think that msnmessenger.com site was put up by one 'Evidence Eliminator' company. They like to spam you with sicko porn of questionable legality then try to terrorize you into buying their bullshit program for $150!!
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited