If you purchased QuickBooks Enterprise 16 but discontinued your Full Service Plan and are not on the monthly Enterprise subscription plan, you may have recently received an email from Intuit's "QuickBooks Enterprise Team."
There have been quite a few questions regarding the legitimacy of this email. We have been assured by Intuit that the email is valid, and it is a good idea to take the recommended action within the email to eliminate any security vulnerabilities.
In the email notification, Intuit says it has identified a security vulnerability in QuickBooks Desktop software, and while it is not aware of any cases where fraudsters or others have taken advantage of this vulnerability, it could allow a cyber criminal to access the QuickBooks Desktop data that has not been updated to newer releases or patched with this update.
A screenshot of the valid email is below. Insightful Accountant gives a more detailed look into this notifications in their article QuickBooks Enterprise Team Notice - Real or Fake?