Trying? Let's go with has been using...
On Mon, Apr 28, 2014 at 4:56 PM, David Lum <[email protected]> wrote: > Saw this on a forum today: ”We have one agency warning us of an exploit, > and the other agency trying to use the exploit :)” > > > > FTW! > > > > -Dave Lum > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Rod Trent > *Sent:* Monday, April 28, 2014 12:04 PM > > *To:* [email protected] > *Subject:* RE: [NTSysADM] IE exploit > > > > It’s not. Adobe has been working on today’s patch since early April, > working with Kaspersky. The one announced over the weekend as identified by > FireEye and Microsoft is working on a patch. > > > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *David Lum > *Sent:* Monday, April 28, 2014 3:00 PM > *To:* [email protected] > *Subject:* RE: [NTSysADM] IE exploit > > > > Adobe’s patch addresses CVE-2014-0515 > > Microsoft’s address CVE-2014-1776 > > > > It’s possible they are linked, since this article does make them seem like > the same attack vector, but I do not speek enough programmer-speak to know > for sure: > > > http://www.securelist.com/en/blog/8212/New_Flash_Player_0_day_CVE_2014_0515_used_in_watering_hole_attacks > > > > -Dave Lum > > > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *David McSpadden > *Sent:* Monday, April 28, 2014 10:37 AM > *To:* '[email protected]' > *Subject:* RE: [NTSysADM] IE exploit > > > > I thought that is what I read in the MS articles? > > VML and Flash were the vector for the exploit? > > > > > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Rod Trent > *Sent:* Monday, April 28, 2014 1:34 PM > *To:* [email protected] > *Subject:* RE: [NTSysADM] IE exploit > > > > Yes, but that has nothing to do with the exploit reported over the weekend. > > > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Kennedy, Jim > *Sent:* Monday, April 28, 2014 1:13 PM > *To:* [email protected] > *Subject:* RE: [NTSysADM] IE exploit > > > > Flash just released an update. > > > > http://helpx.adobe.com/security/products/flash-player/apsb14-13.html > > > > > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Rod Trent > *Sent:* Monday, April 28, 2014 1:11 PM > *To:* [email protected] > *Subject:* RE: [NTSysADM] IE exploit > > > > It’s all versions of Internet Explorer. However, supported versions will > be patched. > > > > There are ways to mitigate: > > > > > http://windowsitpro.com/windows/all-hands-deck-zero-day-reported-wild-affects-ie6-11 > > > > *From:* [email protected] <[email protected]> [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *David McSpadden > *Sent:* Monday, April 28, 2014 1:05 PM > *To:* [email protected] > *Subject:* RE: [NTSysADM] IE exploit > > > > Is it just XP or am I wrong that the 7’s, 8’s, and Server OS’s also an > issue the way I am reading it. > > Especially if they have Adobe Flash (Not sure of version) and the website > being visited using VML. > > ?? > > > > *From:* [email protected] <[email protected]> [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Rod Trent > *Sent:* Monday, April 28, 2014 12:59 PM > *To:* [email protected] > *Subject:* RE: [NTSysADM] IE exploit > > > > The is the first in a coming list of exploits that Windows XP will be > vulnerable to forever. > > > > *From:* [email protected] [ > mailto:[email protected] <[email protected]>] *On > Behalf Of *Jonathan Link > *Sent:* Monday, April 28, 2014 12:51 PM > *To:* [email protected] > *Subject:* Re: [NTSysADM] IE exploit > > > > It's really bad if you're still running XP in your environment... > > > > On Mon, Apr 28, 2014 at 12:38 PM, David McSpadden <[email protected]> wrote: > > Any reason for concern? > > > > This e-mail and any files transmitted with it are property of Indiana > Members Credit Union, are confidential, and are intended solely for the use > of the individual or entity to whom this e-mail is addressed. If you are > not one of the named recipient(s) or otherwise have reason to believe that > you have received this message in error, please notify the sender and > delete this message immediately from your computer. Any other use, > retention, dissemination, forwarding, printing, or copying of this email is > strictly prohibited. > > > > Please consider the environment before printing this email. > > > > This e-mail and any files transmitted with it are property of Indiana > Members Credit Union, are confidential, and are intended solely for the use > of the individual or entity to whom this e-mail is addressed. If you are > not one of the named recipient(s) or otherwise have reason to believe that > you have received this message in error, please notify the sender and > delete this message immediately from your computer. Any other use, > retention, dissemination, forwarding, printing, or copying of this email is > strictly prohibited. > > > > Please consider the environment before printing this email. > > This e-mail and any files transmitted with it are property of Indiana > Members Credit Union, are confidential, and are intended solely for the use > of the individual or entity to whom this e-mail is addressed. If you are > not one of the named recipient(s) or otherwise have reason to believe that > you have received this message in error, please notify the sender and > delete this message immediately from your computer. Any other use, > retention, dissemination, forwarding, printing, or copying of this email is > strictly prohibited. > > > > Please consider the environment before printing this email. >
