A critical vulnerability in PHP email

[nelo]

I just received this email from zend.

Should I upgrade or install anything?

A critical vulnerability in the most recent release of PHP has just been found (CVE-2012-0830). This exploit could allow arbitrary code to be remotely executed on a PHP system. This vulnerability is present both on PHP 5.3.9, and on PHP 5.2.17 that contains a backported fix for CVE-2011-4885.

 

[c0mputertalk]

Thank you for sharing this with us .

Do make sure that the e-mail is not spam . Very often such spam messages are sent by hackers providing links to download security patches or making you visit a page that is used to still the log in credentials of the visitor and gain access to their e-mail or server. We have not received any such notification for a major vulnerability of the PHP.

Let us know if we can do anything else for you .

 

[Heatman1]

Thank you for sharing this with us .

Do make sure that the e-mail is not spam . Very often such spam messages are sent by hackers providing links to download security patches or making you visit a page that is used to still the log in credentials of the visitor and gain access to their e-mail or server. We have not received any such notification for a major vulnerability of the PHP.

Let us know if we can do anything else for you .

I completely agree with you on this. I think it's something to do with spammers, and utmost care need to be used when dealing with them. I haven't received such email either, so it's likely a spam. He should just wait it out and see what happens.