I got an email about there being these two updates for an SQL injection issue. I was wondering if this was legit because of the email addresses they came from.
The one for 6137 came from a firstname.lastname@example.org
The one for 2996 came from a email@example.com
I get the feeling that these two emails are not legit. Attached to them is a document called SUPEEFIX.doc and I am hesitant to download it. I am just wanting to know if either of these are legit and not an attempt at the ransomware stuff that has been going around.
Solved! Go to Solution.
Do not download any attachment from these emails. These are for the fake patches which Magento did not release. All Magento1 patches can be downloaded from https://magento.com/tech-resources/download under release archive section.