Hi,
as ya'll are realizing, anything purporting to be a patch from Microsoft is bogus. I've had several of these also, and Norton, (and other av vendors) went several hours before getting a patch. Anyone who lets their machines auto-update should check to make sure that even if it updated on Wed/Thursday, you should go update again by hand...especially if you're on a PC.
Now for the interesting stuff..
This virus seems to be failing a small way in its spoofing abilities. As I said, I've gotten several copies, but it turns out that all of them have been from just two people so far. I've identified each person and each has been truly infected as confirmed by phone.
Look in the headers for the Return Path: header. This virus doesn't seem to be using its own sending program since all the copies I've received so far have come through the actual ISP of the infected person's computer. If that e-mail in the Return Path header is someone you recognize or know, consider giving them a call.
One of the people I received from was someone I didn't know...but putting the e-mail from the Return Path: header in a search at Google returned an exact hit. A man in an important financial institution. I called and left a message. He returned my call and after a short introduction he freely admitted he was infected that morning ..and the timing was just minutes before I got the first instance of the virus from him. We were able to establish a "connection" to each other through common web pages, but we didn't know each other personally. He wisely disconnected his machine from the internet and called his system admin.
Maybe given this ability to track the infected machine, this virus won't last nearly as long as some others.
Everyone should thank God you have Macs.
see ya,
