Indeed (tm): http://www.itworld.com/article/2736986/enterprise-software/microsoft-kills-silverlight-and-other-plug-ins-in-windows-8.html
On Fri, Jun 5, 2015 at 8:35 AM, Andrew S. Baker <[email protected]> wrote: > Perhaps, if Microsoft acted like they believed this, it might have > happened. Alas... > > > > > > > *ASB **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker> > *Providing Virtual CIO Services (IT Operations & Information Security) for > the SMB market…* > > > > On Thu, Jun 4, 2015 at 5:58 PM, Kurt Buff <[email protected]> wrote: > >> Silverlight? :) >> >> On Thu, Jun 4, 2015 at 1:25 PM, Andrew S. Baker <[email protected]> >> wrote: >> >>> FTFY >>> >>> >>> >>> >>> >>> >>> *ASB **http://XeeMe.com/AndrewBaker* <http://xeeme.com/AndrewBaker> >>> *Providing Virtual CIO Services (IT Operations & Information Security) >>> for the SMB market…* >>> >>> >>> >>> On Thu, Jun 4, 2015 at 4:19 PM, Rankin, James R < >>> [email protected]> wrote: >>> >>>> Sounds like my assertion that half the world's sysadmins are crying out >>>> for a decent Java >>>> replacement >>>> solution is correct... >>>> >>>> >>>> ------- >>>> >>>> James Rankin | Director | TaloSys | 07809668579 >>>> Sent from my Blackberry >>>> >>>> -----Original Message----- >>>> From: "Maglinger, Paul" <[email protected]> >>>> Sender: <[email protected]> >>>> Date: Thu, 4 Jun 2015 19:54:57 >>>> To: '[email protected]'<[email protected]> >>>> Reply-To: <[email protected]> >>>> Subject: RE: [NTSysADM] Cryptlocker >>>> >>>> Updates would be fine... if they didn't break things. >>>> Reminds me of when we put in our latest Cisco IP Telephony solution. >>>> The phone system wanted me to upgrade my Java but then Cisco's web site >>>> wouldn't work with that version. >>>> *thunk* *thunk* *thunk* >>>> I LOATHE Java... >>>> >>>> -----Original Message----- >>>> From: [email protected] [mailto: >>>> [email protected]] On Behalf Of Kurt Buff >>>> Sent: Thursday, June 04, 2015 2:34 PM >>>> To: ntsysadm >>>> Subject: Re: [NTSysADM] Cryptlocker >>>> >>>> Updates of Java? Hell no. >>>> >>>> Some of our users somehow get Java fubared, and when ADP can't find >>>> Java, they tell the user to install 6u29, so I've put in an exception in >>>> our AV to block the download, >>>> >>>> Kurt >>>> >>>> On Thu, Jun 4, 2015 at 10:30 AM, Kennedy, Jim < >>>> [email protected]> wrote: >>>> > Nope, if they did I would be pushing hard to replace it. Have they >>>> gotten >>>> > any better at keeping up with updates? >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of Kurt Buff >>>> > Sent: Thursday, June 4, 2015 1:28 PM >>>> > >>>> > >>>> > To: ntsysadm >>>> > Subject: Re: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > Your users don't file their timecards with ADP, then... >>>> > >>>> > Kurt >>>> > >>>> > >>>> > >>>> > On Thu, Jun 4, 2015 at 9:52 AM, Kennedy, Jim >>>> > <[email protected]> >>>> > wrote: >>>> > >>>> > 2 depends on Oracle, Chrome has been begging them for it for some >>>> time. >>>> > From Chrome’s perspective 1 and 2 are the same. That said, I honestly >>>> > do not think Firefox has any plans to discontinue NPAPI support. Their >>>> > approach is disabled by default….user beware if you enable it. >>>> > >>>> > >>>> > >>>> > Anecdotal but I can say that most of my users use Chrome, and they >>>> > have not missed Java. >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of Damien Solodow >>>> > Sent: Thursday, June 4, 2015 12:49 PM >>>> > >>>> > >>>> > To: [email protected] >>>> > Subject: RE: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > Doubtful; I see one of two things happening: >>>> > >>>> > 1) Oracle blinks and releases an updated JRE that doesn’t use >>>> NPAPI >>>> > >>>> > 2) Chrome includes its own JRE like they did with Flash >>>> > >>>> > >>>> > >>>> > DAMIEN SOLODOW >>>> > >>>> > Senior Systems Engineer >>>> > >>>> > 317.447.6033 (office) >>>> > >>>> > 317.447.6014 (fax) >>>> > >>>> > HARRISON COLLEGE >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of Melvin Backus >>>> > Sent: Thursday, June 4, 2015 12:44 PM >>>> > To: [email protected] >>>> > Subject: RE: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > So if I’m reading this correctly that would seem to mean that all the >>>> > thousands (millions?) of pages with Java embedded are going to be >>>> > relegated to IE only? (And JAVA will finally DIE? Albeit a slow and >>>> > lingering death.) >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > -- >>>> > There are 10 kinds of people in the world... >>>> > those who understand binary and those who don't. >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of Kurt Buff >>>> > Sent: Thursday, June 4, 2015 10:41 AM >>>> > To: ntsysadm >>>> > Subject: Re: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > Not Java specifically - the NPAPI interface. >>>> > >>>> > So is Firefox, and so will Edge... >>>> > >>>> > Kurt >>>> > >>>> > >>>> > >>>> > On Thu, Jun 4, 2015 at 6:42 AM, Heaton, Joseph@Wildlife >>>> > <[email protected]> wrote: >>>> > >>>> > Interesting. I didn’t realize that Chrome was doing away with Java >>>> > functionality. Thanks for the update. >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of Kennedy, Jim >>>> > Sent: Thursday, June 04, 2015 5:12 AM >>>> > >>>> > >>>> > To: [email protected] >>>> > Subject: RE: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > Demand for this in Chrome will dwindle to zero in September when there >>>> > isn’t any way to run Java in Chrome. It’s already dwindling….we did >>>> > not bypass the block in the last patch for Chrome that disabled it. >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of James Rankin >>>> > Sent: Thursday, June 4, 2015 7:08 AM >>>> > To: [email protected] >>>> > Subject: RE: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > OK, FSLogix confirm that currently the Java remediation only works >>>> with IE. >>>> > You can restrict other browsers on a process basis only currently, so >>>> > you could force Chrome or Firefox to a specific Java version by >>>> > process, but not by URL. >>>> > >>>> > >>>> > >>>> > However, support for other browsers is on the roadmap. Any customer >>>> > demand (probably someone coming along with 5000 users and wanting it >>>> > to work in >>>> > Chrome) will “drive the roadmap forward”, i.e. they’ll do it ASAP if >>>> > there’s a big enough sale at the end of it J >>>> > >>>> > >>>> > >>>> > Hope this helps, >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > JR >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of James Rankin >>>> > Sent: 03 June 2015 18:56 >>>> > To: [email protected] >>>> > Subject: RE: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > OK, I tried to test with Chrome and found out that Chrome has disabled >>>> > just about all the plugins from the websites I was using for testing L >>>> > >>>> > >>>> > >>>> > Waiting for an answer from FSLogix support as I now have to put the >>>> > kids in the bath! >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of Jonathan Link >>>> > Sent: 03 June 2015 18:44 >>>> > To: [email protected] >>>> > Subject: Re: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > Probably not pants. >>>> > >>>> > >>>> > >>>> > On Wed, Jun 3, 2015 at 12:26 PM, James Rankin >>>> > <[email protected]> >>>> > wrote: >>>> > >>>> > Let me get you an answer on that…maybe something I should have tested >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of Heaton, Joseph@Wildlife >>>> > Sent: 03 June 2015 17:22 >>>> > To: '[email protected]' >>>> > Subject: RE: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > So, it looks like FSLogix only works with IE? Is that true? >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of James Rankin >>>> > Sent: Tuesday, June 02, 2015 11:16 AM >>>> > To: [email protected] >>>> > Subject: RE: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > OK, quick and dirty run-down, but I’m sure you can all get the gist of >>>> > it >>>> > (hopefully!) >>>> > >>>> > >>>> > >>>> > >>>> http://appsensebigot.blogspot.co.uk/2015/06/fslogix-first-look-1-manag >>>> > ing-legacy-or.html >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of Kurt Buff >>>> > Sent: 02 June 2015 17:38 >>>> > To: ntsysadm >>>> > Subject: Re: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > Yes, please put up the link here when done. >>>> > >>>> > Kurt >>>> > >>>> > >>>> > >>>> > On Tue, Jun 2, 2015 at 8:43 AM, James Rankin >>>> > <[email protected]> >>>> > wrote: >>>> > >>>> > I shall endeavour to finish this as soon as possible then! >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of Maglinger, Paul >>>> > Sent: 02 June 2015 16:12 >>>> > To: '[email protected]' >>>> > Subject: RE: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > Me too! >>>> > >>>> > >>>> > >>>> > -Paul >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of Sean Martin >>>> > Sent: Tuesday, June 02, 2015 10:07 AM >>>> > >>>> > >>>> > To: [email protected] >>>> > Subject: Re: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > Definitely interested. >>>> > >>>> > - Sean >>>> > >>>> > >>>> > On Jun 2, 2015, at 6:08 AM, James Rankin <[email protected]> >>>> wrote: >>>> > >>>> > What you need is FSLogix Java Rules Manager, only allow the vulnerable >>>> > Java version to be seen when a specific URL is visited, otherwise – >>>> > it’s invisible to the user and OS, and the latest version is used. >>>> > >>>> > >>>> > >>>> > I’m writing an article up on this today, if anyone’s interested in >>>> > Java version management (on a sysadmin list, who isn’t?) >>>> > >>>> > >>>> > >>>> > J >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of Heaton, Joseph@Wildlife >>>> > Sent: 02 June 2015 14:51 >>>> > To: '[email protected]' >>>> > Subject: RE: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > Update Java? That’s just crazy talk. We’re still at 7u51, with no >>>> > roadmap in place to go any higher. Not my choice, btw, it is >>>> > development issues with Oracle. >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of Ed Ziots >>>> > Sent: Saturday, May 30, 2015 10:48 AM >>>> > To: [email protected] >>>> > Subject: RE: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > Nice.strategy >>>> > >>>> > Ed >>>> > >>>> > On May 29, 2015 9:31 AM, "Robert Strong" <[email protected]> >>>> wrote: >>>> > >>>> > Ensure you have the latest patches installed for Java and Flash. >>>> > Exploit kits like Angler, Nuclear and Magnitude are starting to >>>> > distribute Ransomware more frequently via drive-by download attacks >>>> > and malicious advertisements on common websites. >>>> > >>>> > >>>> > >>>> > We’ve had several ransomware incidents in the last few months all due >>>> > to unpatched systems. Host based detection is limited at best, but one >>>> > thing I have noticed in all incidents seen is that the malware >>>> > typically uses hxxp://ipinfo.io/ip to determine its public facing IP >>>> address. >>>> > >>>> > >>>> > >>>> > We have created correlation rules that detect users going to this >>>> > domain via our McAfee ESM SIEM, we then have an alarm that fires when >>>> > that correlation rule is seen and we can automatically apply an ePO >>>> > tag to enforce a policy that severely ‘disables’ the system (no R/W to >>>> > network shares, restricted HTTP/HTTPS going out). Our alarm also >>>> > e-mails out some key characteristics about the infected machine for >>>> > easy identification by our IT Service Desk team. >>>> > >>>> > >>>> > >>>> > Ransomware isn’t going away and it’s going to get worse. We’ve been >>>> > able to detect these IoC’s and have the issue remediated in under 7 >>>> minutes. >>>> > >>>> > >>>> > >>>> > Cheers, >>>> > >>>> > >>>> > >>>> > Rob Strong >>>> > >>>> > Information Security Specialist >>>> > >>>> > Equitable Life of Canada >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of David McSpadden >>>> > Sent: Thursday, May 28, 2015 7:17 PM >>>> > To: <[email protected]> >>>> > Subject: Re: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > That's mine today. >>>> > >>>> > What variant was yours >>>> > >>>> > Sent from my iPhone >>>> > >>>> > >>>> > On May 28, 2015, at 7:14 PM, Heaton, Joseph@Wildlife >>>> > <[email protected]> wrote: >>>> > >>>> > We had that the other day. The files are getting encrypted, but the >>>> > extensions are not getting changed. >>>> > >>>> > >>>> > >>>> > From: [email protected] >>>> > [mailto:[email protected]] >>>> > On Behalf Of Jonathan Link >>>> > Sent: Thursday, May 28, 2015 8:37 AM >>>> > To: [email protected] >>>> > Subject: Re: [NTSysADM] Cryptlocker >>>> > >>>> > >>>> > >>>> > The text files created should indicate the affected user with the >>>> > Owner attribute, no? >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > On Thu, May 28, 2015 at 11:30 AM, David McSpadden <[email protected]> >>>> wrote: >>>> > >>>> > I am pretty sure I have pc with this on it in my network. >>>> > >>>> > I have ran scans on workstations. >>>> > >>>> > I still do not see it but I have the tell tale signs. >>>> > >>>> > The HELP_DECRYPT files in network folders. >>>> > >>>> > The word and excel files not being able to be opened etc. >>>> > >>>> > How do I remove something that Trend is not seeing? >>>> > >>>> > Nor Windows Endpoint protection? >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > David McSpadden >>>> > >>>> > Systems Administrator >>>> > >>>> > Indiana Members Credit Union >>>> > >>>> > P: 317.554.8190 | F: 317.554.8106 >>>> > >>>> > <image002.jpg> >>>> > >>>> > >>>> > >>>> > <image003.jpg> >>>> > >>>> > <image004.png> >>>> > >>>> > >>>> > >>>> > This e-mail and any files transmitted with it are property of Indiana >>>> > Members Credit Union, are confidential, and are intended solely for >>>> > the use of the individual or entity to whom this e-mail is addressed. >>>> > If you are not one of the named recipient(s) or otherwise have reason >>>> > to believe that you have received this message in error, please notify >>>> > the sender and delete this message immediately from your computer. Any >>>> > other use, retention, dissemination, forwarding, printing, or copying >>>> > of this email is strictly prohibited. >>>> > >>>> > >>>> > >>>> > Please consider the environment before printing this email. >>>> > >>>> > >>>> > >>>> > IMPORTANT NOTICE: Without the use of secure encryption, the Internet >>>> > is not a secure medium and privacy cannot be ensured. Internet e-mail >>>> > is vulnerable to interception, misuse and forging. Equitable cannot >>>> > ensure the privacy and authenticity of any information sent by way of >>>> the public Internet. >>>> > Equitable will not be responsible for any damages you may incur if you >>>> > communicate confidential and personal information to us over the >>>> > Internet or if we communicate such information to you at your request. >>>> > This e-mail and any attachments are confidential, may be covered by >>>> > legal professional privilege or exempt from disclosure under >>>> > applicable law, and are intended for the addressee only. If you are >>>> > not the intended recipient, you are not authorized to and must not >>>> > disclose, copy, distribute or retain any or part of this e-mail and >>>> > any attachments without written permission of The Equitable Life >>>> Insurance Company of Canada. >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> > >>>> >>>> >>>> >>> >> >
