Surely not
An email from MS announcing a vuln. in its own software? Who'd believe that..?
Do not be tempted into opening an email with the subject line: "Microsoft Security Bulletin MS07-0065" because it is no such thing. The email is not from Microsoft and contains a link to a webpage containing a trojan (disguised malware). The emails contain real people's names and the company they work for and looks like a …
Is there still those out there that fall for this age old 'trick'?
I hate to say it but those that are too stupid to learn from the many past, well publicised similar tricks should just be left to fall foul.
On the other hand, those new to game should be warned - but it seems to be the same people every time that are caught by these.
I used to get 10s of these a day, a few (5?) years back - or at least I assumed at the time that were something similar, and that Microsoft weren't actually sending out hundreds of security updates a week (Unix users should feel free to use that as a set-up for a joke).
It's potentially a very effective avenue of attack as many users don't expect the "from" address to be spoofed - although one would hope their email client would pick up on this.
This is just a subtle modification of the swen virus we saw a few years ago (and which pops up every once in a while). Instead of putting the payload in the email, they now send you to a website and have you install it. Social engineering at its best. Or, as we called it at ISS, meat hacking.
Reminds me of the story of the WordPerfect (that long ago!) helpdesk operator who had to deal with a call from a user whose screen had blanked. Eventually, the exasperated helper asked the user to check the power lead. "I can't see to do that" was the reply, "all the lights have gone off".
The helper takes a deep breath and calmly informs the user that there is a serious fault and that the computer must go back to the shop. "Oh dear" says the user, "what should I tell them?"
Letting go a little, the helper yells back, "tell them you're too effing stupid to use a computer!"
It's just Darwinism, really.