Mike Easter wrote:

> The file is from MS.

How do you *KNOW* that? Serious question regarding that particular link.

> People trust MS to not provide malicious executables.

They do! What better domain to choose to fool folk?!!!

Quote:

A Spoofed URL describes one website that poses as another. It sometimes
applies a mechanism that exploits bugs in web browser technology,
allowing a malicious computer attack. Such attacks are most effective
against computers that lack recent security patches. Others are designed
for the purpose of a parody.

During such an attack, a computer user innocently visits a web site and
sees a familiar URL in the address bar such as http://www.wikipedia.org
but is, in reality, sending information to an entirely different
location that would typically be monitored by an information thief. When
sensitive information is requested by a fraudulent website, it is called
phishing.

The user is typically enticed to the false website from an email or a
hyperlink from another website.

In another variation, a website may look like the original, but is in
fact a parody of it. These are mostly harmless, and are more noticeably
different from the original, as they usually do not exploit bugs in web
browser technology.

This can also take place in a hosts file. It can redirect a site(s) to
another IP, which could be a spoofed website.

Ref: http://en.wikipedia.org/wiki/URL_spoofing