Usually an end user has to request the hotfix and fill out a form on the MS site and then MS will send out an email with the URI. So to answer your question, yes, MS does send out emails with hotfixes, but only when an end user requests it, at least in my experience…
If the end user did not specifically fill out a form/request the hot fix, then I would be very suspicious… From: Alex [mailto:mysqlstud...@gmail.com] Sent: Thursday, August 14, 2014 7:22 PM To: SA Mailing list Subject: Hotfix/phishing spam Hi, We had users reporting receiving an email that appears to be from Microsoft regarding a hotfix, but it appears to actually contain Microsoft hotfix info with a URI to download an executable. The executable is a zip that contains a MSU (Windows6.1-KB977307-x64.msu). Does MS send such email? http://pastebin.com/BS5jt86N This one hits a lot of T_ rules; it'd be nice if they were real rules about now :-) It also hit BAYES_00, which I'm a little concerned about, but maybe not necessarily if the body is indeed actually legit... Thanks for any ideas. Alex ________________________________ John Traweek CCNA, Sec+ Executive Director, Information Technology Proud PCI Associate for 17 years PCI: the data company ________________________________ Heritage Square . 4835 LBJ Freeway, Suite 1100 . Dallas, TX 75244 . 214.530.0394 Did you know last year, PCI raised over 9 million dollars in donations for our clients? Ask us how! This Email is covered by the Electronic Communications Privacy Act, 18 U.S.C. Sections 2510-2521 and is legally privileged. The information contained in this Email is intended only for . If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distributions or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us by telephone 1.800.395.4724 X160, and destroy the original message.
