Re: Is this MS05-039 a valid email????

I am aware of this! I was just posting this email here in order to see if
someone encountered it and to "get the word out" that there is a new scam out
there!

On 06/12/2005 ANONYMOUS <ANONYMOUS@xxxxxxxxxxxxxx> wrote:
>
>The only way not to fall prey of scams is to stop clicking on any links
>in any emails unless you know for sure who has sent you. One should
>always use Windows Update button to get all updates.
>
>Scammers can send you whatever they want but don't fall for them.
><PERIOD>
>
>Yves Leclerc wrote:
>>
>> I just received an email which I do not believe that this "patch" is valid.
>> The links do not "seem" to point to any of Microsoft's true web sites
(note: I
>> removed the the url links in case that these are not true Microsoft's urls:)
>>
>>
--------------------------------------------------------------------------------
>>
--------------------------------------------------------------------------------
>> ---------------------------------------------------------------
>> Microsoft Security Bulletin MS05-039
>> Vulnerability in Plug and Play Could Allow Remote Code Execution and
Elevation
>> of Privilege (899588)
>> Summary:
>> Who should receive this document: Customers who use Microsoft Windows
>> Impact of Vulnerability: Remote Code Execution and Local Elevation of
Privilege
>> Maximum Severity Rating: CRITICAL
>> Recommendation: Customers should apply the update immediately.
>> Security Update Replacement: None
>> Caveats: None
>> Tested Software and Security Update Download Locations:
>>
>> Affected Software:
>> o Microsoft Windows 2000 Service Pack 4 -
>> o Microsoft Windows XP Service Pack 1 and Microsoft Windows XP
Service Pack 2 -
>> o Microsoft Windows XP Professional x64 Edition -
>> o Microsoft Windows Server 2003 and Microsoft Windows Server 2003
Service Pack
>> 1 -
>>
>> o Microsoft Windows Server 2003 for Itanium-based Systems and Microsoft
>> Windows Server 2003 with SP1 for Itanium-based Systems -
>> o Microsoft Windows Server 2003 x64 Edition -
>> Non-Affected Software:
>> o Microsoft Windows 98, Microsoft Windows 98 Second Edition (SE), and
>> Microsoft Windows Millennium Edition (ME)
>> Executive Summary:
>> This update resolves a newly-discovered, privately-reported vulnerability. A
>> remote code execution vulnerability exists in Plug and Play (PnP) that could
>> allow an attacker who successfully exploited this vulnerability to take
>> complete control of the affected system. An attacker could then install
>> programs; view, change, or delete data; or create new accounts with full user
>> rights.
>> Conclusion: We recommend that customers apply the update immediately.
>>
>> © 2005 Microsoft Corporation. All rights reserved. Terms of Use
>> <http://www.microsoft.com/info/cpyright.mspx> | Trademarks
>> <http://www.microsoft.com/library/toolbar/3.0/trademarks/en-us.mspx> |
Privacy
>> Statement <http://www.microsoft.com/info/privacy.mspx>
>>
--------------------------------------------------------------------------------
>>
--------------------------------------------------------------------------------
>>
--------------------------------------------------------------------------------
>> ---------
>>
>> --
>> ----
>> Y.

--
----
Y.

.