I blame Adobe. -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Susan Bradley Sent: Monday, April 28, 2014 5:15 PM To: [email protected] Subject: Re: [NTSysADM] IE exploit
Hang on, it's not the same exploit. You are confusing two Flash vectors. The zero day via Fireeye is CVE-2014-1776 http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html The Flash patch below is a totally different Flash patch and it's from Adobe. http://helpx.adobe.com/security/products/flash-player/apsb14-09.html It's just via Microsoft becasuse they stuck Flash in their browser and thus they update it. *CVE number:* CVE-2014-0506, CVE-2014-0507, CVE-2014-0508, CVE-2014-0509 Two totally different issues. Microsoft will patch all supported browsers for the weekend zero day when it's ready. The flash patch is just a Flash update. On 4/28/2014 2:00 PM, Rod Trent wrote: > > BTW: Microsoft has a patch ready for IE10 and IE11 only – for Windows > 8.x and Windows Server 2012… > > http://windowsitpro.com/msrc/flash-fix-ie-10-and-ie-11-only > > *From:*[email protected] > [mailto:[email protected]] *On Behalf Of *David Lum > *Sent:* Monday, April 28, 2014 4:56 PM > *To:* [email protected] > *Subject:* RE: [NTSysADM] IE exploit > > Saw this on a forum today: ”We have one agency warning us of an > exploit, and the other agency trying to use the exploit :)” > > FTW! > > -Dave Lum > > *From:*[email protected] > <mailto:[email protected]> > [mailto:[email protected]] *On Behalf Of *Rod Trent > *Sent:* Monday, April 28, 2014 12:04 PM > *To:* [email protected] > <mailto:[email protected]> > *Subject:* RE: [NTSysADM] IE exploit > > It’s not. Adobe has been working on today’s patch since early April, > working with Kaspersky. The one announced over the weekend as > identified by FireEye and Microsoft is working on a patch. > > *From:*[email protected] > <mailto:[email protected]> > [mailto:[email protected]] *On Behalf Of *David Lum > *Sent:* Monday, April 28, 2014 3:00 PM > *To:* [email protected] > <mailto:[email protected]> > *Subject:* RE: [NTSysADM] IE exploit > > Adobe’s patch addresses CVE-2014-0515 > > Microsoft’s address CVE-2014-1776 > > It’s possible they are linked, since this article does make them seem > like the same attack vector, but I do not speek enough > programmer-speak to know for sure: > > http://www.securelist.com/en/blog/8212/New_Flash_Player_0_day_CVE_2014 > _0515_used_in_watering_hole_attacks > > -Dave Lum > > *From:*[email protected] > <mailto:[email protected]> > [mailto:[email protected]] *On Behalf Of *David McSpadden > *Sent:* Monday, April 28, 2014 10:37 AM > *To:* '[email protected]' > *Subject:* RE: [NTSysADM] IE exploit > > I thought that is what I read in the MS articles? > > VML and Flash were the vector for the exploit? > > *From:*[email protected] > <mailto:[email protected]> > [mailto:[email protected]] *On Behalf Of *Rod Trent > *Sent:* Monday, April 28, 2014 1:34 PM > *To:* [email protected] > <mailto:[email protected]> > *Subject:* RE: [NTSysADM] IE exploit > > Yes, but that has nothing to do with the exploit reported over the > weekend. > > *From:*[email protected] > <mailto:[email protected]> > [mailto:[email protected]] *On Behalf Of *Kennedy, Jim > *Sent:* Monday, April 28, 2014 1:13 PM > *To:* [email protected] > <mailto:[email protected]> > *Subject:* RE: [NTSysADM] IE exploit > > Flash just released an update. > > http://helpx.adobe.com/security/products/flash-player/apsb14-13.html > > *From:*[email protected] > <mailto:[email protected]> > [mailto:[email protected]] *On Behalf Of *Rod Trent > *Sent:* Monday, April 28, 2014 1:11 PM > *To:* [email protected] > <mailto:[email protected]> > *Subject:* RE: [NTSysADM] IE exploit > > It’s all versions of Internet Explorer. However, supported versions > will be patched. > > There are ways to mitigate: > > http://windowsitpro.com/windows/all-hands-deck-zero-day-reported-wild- > affects-ie6-11 > > > *From:*[email protected] > <mailto:[email protected]> > [mailto:[email protected]] *On Behalf Of *David McSpadden > *Sent:* Monday, April 28, 2014 1:05 PM > *To:* [email protected] > <mailto:[email protected]> > *Subject:* RE: [NTSysADM] IE exploit > > Is it just XP or am I wrong that the 7’s, 8’s, and Server OS’s also an > issue the way I am reading it. > > Especially if they have Adobe Flash (Not sure of version) and the > website being visited using VML. > > ?? > > *From:*[email protected] > <mailto:[email protected]> > [mailto:[email protected]] *On Behalf Of *Rod Trent > *Sent:* Monday, April 28, 2014 12:59 PM > *To:* [email protected] > <mailto:[email protected]> > *Subject:* RE: [NTSysADM] IE exploit > > The is the first in a coming list of exploits that Windows XP will be > vulnerable to forever. > > *From:*[email protected] > <mailto:[email protected]> > [mailto:[email protected]] *On Behalf Of *Jonathan Link > *Sent:* Monday, April 28, 2014 12:51 PM > *To:* [email protected] > <mailto:[email protected]> > *Subject:* Re: [NTSysADM] IE exploit > > It's really bad if you're still running XP in your environment... > > On Mon, Apr 28, 2014 at 12:38 PM, David McSpadden <[email protected] > <mailto:[email protected]>> wrote: > > Any reason for concern? > > This e-mail and any files transmitted with it are property of > Indiana Members Credit Union, are confidential, and are intended > solely for the use of the individual or entity to whom this e-mail > is addressed. If you are not one of the named recipient(s) or > otherwise have reason to believe that you have received this > message in error, please notify the sender and delete this message > immediately from your computer. Any other use, retention, > dissemination, forwarding, printing, or copying of this email is > strictly prohibited. > > Please consider the environment before printing this email. > > This e-mail and any files transmitted with it are property of Indiana > Members Credit Union, are confidential, and are intended solely for > the use of the individual or entity to whom this e-mail is addressed. > If you are not one of the named recipient(s) or otherwise have reason > to believe that you have received this message in error, please notify > the sender and delete this message immediately from your computer. Any > other use, retention, dissemination, forwarding, printing, or copying > of this email is strictly prohibited. > > Please consider the environment before printing this email. > > This e-mail and any files transmitted with it are property of Indiana > Members Credit Union, are confidential, and are intended solely for > the use of the individual or entity to whom this e-mail is addressed. > If you are not one of the named recipient(s) or otherwise have reason > to believe that you have received this message in error, please notify > the sender and delete this message immediately from your computer. Any > other use, retention, dissemination, forwarding, printing, or copying > of this email is strictly prohibited. > > Please consider the environment before printing this email. > -- Got your CryptoLocker prevention in place? http://www.thirdtier.net/2013/10/cryptolocker-prevention-kit-updates/ Our last day of XP patching. Wave it goodbye.
