Possibly damaging bulletin

[Chapman]

Hello

I was just in my yahoo emial account and I received what
was claimed to be a Microsoft Security Bulletin MS03-043.
Buffer overrun in Messenger Service Could Allow Code
Execution (828035)

This Bulletin was sent out about 4 or 5 months ago so I
don't know why I am receiving it now. That fine but it
said to download a patch from a website that is not the one
I just downloaded this patch from. So I am wondering if it
is trying to get me to download a potentially damaging file.

The website is: http://windowsupdate.microsoft.com

Please forward this information to the proper persons to
have it checked out. I could not find a way to do this so
I am only going to leave this message here.

Thank You.

 

[Lanwench [MVP - Exchange]]

http://windowsupdate.microsoft.com is the correct address for Windows
Update. You would receive notifications of security bulletins only if you
signed up for this on the MS website....they don't send out notification
messages to everyone (how would they know who to send to?). You should be
visiting Windows Update regularly to get all critical patches -

 

[Tachys]

Be careful. Is the link to
http://windowsupdate.microsoft.com a hyperlink? Because
it's possible that the text of the link is
windowsupdate.microsoft.com while the real link is to
somewhere else. Right-click on your e-mail and
select "View Source" then you can be sure where the link
will get you. You can only do this if the e-mail has html
code in it but most e-mail services now allow that.

 

[Lanwench [MVP - Exchange]]

Agreed - I should have thought to mention that. Always best to enter the
Windows Update site manually anyway.