Two different things.





Sent from my Surface Pro 





From: 'Harjit Dhaliwal'
Sent: ‎Thursday‎, ‎February‎ ‎20‎, ‎2014 ‎5‎:‎42‎ ‎PM
To: SMS




So, the Adobe Flash update released today by Adobe and the Flash security 
Update from Microsoft is a fix for a new bug and does not address the FireEye 
reported vulnerability earlier this month?

-Harjit
 

On 2/20/2014 5:05 PM, Rod Trent wrote:




Yep…that’s right…

 

http://windowsitpro.com/msrc/microsoft-releases-temporary-fix-ie10-and-ie9-remote-code-execution-vulnerability

 

The IE10 vuln was reported to Microsoft by FireEye on the 13th and confirmed by 
Microsoft (and announced it also affects IE9) on the 18th. The Fix-It was 
released yesterday evening. Keep in mind the flaw is actually in Adobe’s Flash 
scripting language.

 

Coincidentally, Adobe released its 2nd zero-day update this month today. It’s 
also a Flash vuln.

 

http://windowsitpro.com/security/adobe-releases-second-critical-zero-day-flash-update-short-month
 

 



From: [email protected] [mailto:[email protected]] On 
Behalf Of Marcum, John
Sent: Thursday, February 20, 2014 4:54 PM
To: SMS List ([email protected])
Subject: [mssms] MS and Adobe OOB Updates

 

Am I reading this right???? Microsoft released an OOB warning but the only way 
to patch it is with a fix it?

 

http://news.cnet.com/8301-1009_3-57619214-83/adobe-issues-emergency-patch-again/

 

However, people who use those browsers must apply the fix manually with the 
FixIt shim tool. A permanent fix for the exploit is expected in three weeks or 
so

 

 

 







John Marcum
Lead Desktop Engineer

Bradley Arant Boult Cummings LLP








 

 






Confidentiality Notice: This e-mail is from a law firm and may be protected by 
the attorney-client or work product privileges. If you have received this 
message in error, please notify the sender by replying to this e-mail and then 
delete it from your computer.

Reply via email to