Microsoft NEVER sends updates through e-mail

This just came through to my inbox.  Fortunately, Small Business Server 2003’s Exchange filtering snagged the executable but thought this is worth touching on.  Never run an executable from anyone you haven’t explicitly requested it from.

You can see from the headers of this message that it really came from a Yahoo mail server, not Microsoft.  I found this one interesting that they are beginning to fake out the PGP key and even took the time to use Steve Lipner’s name in it.  Pretty creative, but still a bunch of baloney. – Steve

Microsoft Mail Internet Headers Version 2.0
thread-index: Ackrxj/LwJkXJhdjTIq3Bk8lpONEJw==
Received: from ([]) by with Microsoft SMTPSVC(6.0.3790.3959); Sat, 11 Oct 2008 10:24:41 -0700
Received: from [] by; Sat, 11 Oct 2008 18:24:42 +0100
Message-ID: <01c92bce$a0ee5100$03eba1d5@03DNAG1>
From: “Microsoft High-priority update” <>
To: <>
Content-Transfer-Encoding: 7bit
Subject: Security Update for OS Microsoft Windows
Date: Sat, 11 Oct 2008 18:24:42 +0100
MIME-Version: 1.0
Content-Type: multipart/mixed;
Content-Class: urn:content-classes:message
X-Priority: 3
Importance: normal
Priority: normal
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 4.72.2106.4
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
Return-Path: <>
X-OriginalArrivalTime: 11 Oct 2008 17:24:42.0354 (UTC) FILETIME=[3F5FED20:01C92BC6]
X-TM-AS-Product-Ver: SMEX-
X-TM-AS-Result: No–22.286100-5.000000-31
X-TM-AS-User-Approved-Sender: No
X-TM-AS-User-Blocked-Sender: No

Content-Type: text/plain;
Content-Transfer-Encoding: 7bit

Content-Type: text/plain;
Content-Transfer-Encoding: base64
Content-Disposition: attachment;


—–Original Message—–
From: Microsoft High-priority update []
Sent: Saturday, October 11, 2008 10:25 AM
To: Steven Banks
Subject: Security Update for OS Microsoft Windows


Dear Microsoft Customer,


Please notice that Microsoft company has recently issued a Security Update for OS Microsoft Windows. The update applies to the following OS versions: Microsoft Windows 98, Microsoft Windows 2000, Microsoft Windows Millenium, Microsoft Windows XP, Microsoft Windows Vista.


Please notice, that present update applies to high-priority updates category. In order to help protect your computer against security threats and performance problems, we strongly recommend you to install this update.


Since public distribution of this Update through the official website would have result in efficient creation of a malicious software, we made a decision to issue an experimental private version of an update for all Microsoft Windows OS users.


As your computer is set to receive notifications when new updates are available, you have received this notice.


In order to start the update, please follow the step-by-step instruction:

1. Run the file, that you have received along with this message.

2. Carefully follow all the instructions you see on the screen.


If nothing changes after you have run the file, probably in the settings of your OS you have an indication to run all the updates at a background routine. In that case, at this point the upgrade of your OS will be finished.


We apologize for any inconvenience this back order may be causing you.



Thank you,


Steve Lipner

Director of Security Assurance

Microsoft Corp.




Version: PGP 7.1








2 thoughts on “Microsoft NEVER sends updates through e-mail

  1. The one I got yesterday had a hotmail server as opposed to a yahoo one but using the properties for the email I found that the message content was the same as you posted.

    I knew something was up when I 1st saw it but I wanted to check out the properties of it before I deleted it just to see where it came from. I never actually even opened up the email. As SOP, I don’t even have the “preview screen” “turned-on” but I did notice it had an attachment but I didn’t do the properties of it b/c I didn’t even open up the email.

  2. Hello!!! is one of the most outstanding innovative websites of its kind. I enjoy reading it every day. All the best.

Leave a Reply

Your email address will not be published. Required fields are marked *