Purdue University cautions users to be skeptical of email messages claiming to be from Microsoft and requesting that users download a critical update. These emails appear to be fraudulent and users should NOT follow the links in the email. Users are requested to ignore the email and delete it.
The email states that users should "Please intall critical Windows XP/2000/2003/Vista update!" (Note spelling errors.)
Microsoft publishes information for end users on recognizing and avoiding fraudulent email to Microsoft customers. You can read this information at: http://www.microsoft.com/protect/yourself/phishing/msemail.mspx and at http://www.microsoft.com/canada/athome/security/email/ms_genuine_mail.mspx
You can read more about valid Microsoft security updates at: http://www.microsoft.com/protect/computer/updates/bulletins/default.mspx
Purdue employees are encouraged to report the receipt of these emails to their departmental IT staff before taking action to download any type of software updates. In many instances, centralized and departmental IT already provide all patches to Microsoft software.
Posted by William Harshbarger on February 06, 2008, in Handlers Log.