Seriously. I mean what the crap. I was able to keep it straight for most of the day.
Sent from Windows Phone 8 -----Original Message----- From: "Susan Bradley" <[email protected]> Sent: 4/28/2014 5:40 PM To: "[email protected]" <[email protected]> Subject: Re: [NTSysADM] IE exploit I can't believe I'm finally finding a need to refer to CVE numbers. On 4/28/2014 2:31 PM, Rod Trent wrote: > I blame Adobe. > > -----Original Message----- > From: [email protected] [mailto:[email protected]] > On Behalf Of Susan Bradley > Sent: Monday, April 28, 2014 5:15 PM > To: [email protected] > Subject: Re: [NTSysADM] IE exploit > > Hang on, it's not the same exploit. You are confusing two Flash vectors. > > The zero day via Fireeye is CVE-2014-1776 > http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html > > The Flash patch below is a totally different Flash patch and it's from Adobe. > http://helpx.adobe.com/security/products/flash-player/apsb14-09.html > It's just via Microsoft becasuse they stuck Flash in their browser and thus > they update it. *CVE number:* CVE-2014-0506, CVE-2014-0507, CVE-2014-0508, > CVE-2014-0509 > > Two totally different issues. > > Microsoft will patch all supported browsers for the weekend zero day when > it's ready. > > The flash patch is just a Flash update. > > On 4/28/2014 2:00 PM, Rod Trent wrote: >> BTW: Microsoft has a patch ready for IE10 and IE11 only – for Windows >> 8.x and Windows Server 2012… >> >> http://windowsitpro.com/msrc/flash-fix-ie-10-and-ie-11-only >> >> *From:*[email protected] >> [mailto:[email protected]] *On Behalf Of *David Lum >> *Sent:* Monday, April 28, 2014 4:56 PM >> *To:* [email protected] >> *Subject:* RE: [NTSysADM] IE exploit >> >> Saw this on a forum today: ”We have one agency warning us of an >> exploit, and the other agency trying to use the exploit :)” >> >> FTW! >> >> -Dave Lum >> >> *From:*[email protected] >> <mailto:[email protected]> >> [mailto:[email protected]] *On Behalf Of *Rod Trent >> *Sent:* Monday, April 28, 2014 12:04 PM >> *To:* [email protected] >> <mailto:[email protected]> >> *Subject:* RE: [NTSysADM] IE exploit >> >> It’s not. Adobe has been working on today’s patch since early April, >> working with Kaspersky. The one announced over the weekend as >> identified by FireEye and Microsoft is working on a patch. >> >> *From:*[email protected] >> <mailto:[email protected]> >> [mailto:[email protected]] *On Behalf Of *David Lum >> *Sent:* Monday, April 28, 2014 3:00 PM >> *To:* [email protected] >> <mailto:[email protected]> >> *Subject:* RE: [NTSysADM] IE exploit >> >> Adobe’s patch addresses CVE-2014-0515 >> >> Microsoft’s address CVE-2014-1776 >> >> It’s possible they are linked, since this article does make them seem >> like the same attack vector, but I do not speek enough >> programmer-speak to know for sure: >> >> http://www.securelist.com/en/blog/8212/New_Flash_Player_0_day_CVE_2014 >> _0515_used_in_watering_hole_attacks >> >> -Dave Lum >> >> *From:*[email protected] >> <mailto:[email protected]> >> [mailto:[email protected]] *On Behalf Of *David McSpadden >> *Sent:* Monday, April 28, 2014 10:37 AM >> *To:* '[email protected]' >> *Subject:* RE: [NTSysADM] IE exploit >> >> I thought that is what I read in the MS articles? >> >> VML and Flash were the vector for the exploit? >> >> *From:*[email protected] >> <mailto:[email protected]> >> [mailto:[email protected]] *On Behalf Of *Rod Trent >> *Sent:* Monday, April 28, 2014 1:34 PM >> *To:* [email protected] >> <mailto:[email protected]> >> *Subject:* RE: [NTSysADM] IE exploit >> >> Yes, but that has nothing to do with the exploit reported over the >> weekend. >> >> *From:*[email protected] >> <mailto:[email protected]> >> [mailto:[email protected]] *On Behalf Of *Kennedy, Jim >> *Sent:* Monday, April 28, 2014 1:13 PM >> *To:* [email protected] >> <mailto:[email protected]> >> *Subject:* RE: [NTSysADM] IE exploit >> >> Flash just released an update. >> >> http://helpx.adobe.com/security/products/flash-player/apsb14-13.html >> >> *From:*[email protected] >> <mailto:[email protected]> >> [mailto:[email protected]] *On Behalf Of *Rod Trent >> *Sent:* Monday, April 28, 2014 1:11 PM >> *To:* [email protected] >> <mailto:[email protected]> >> *Subject:* RE: [NTSysADM] IE exploit >> >> It’s all versions of Internet Explorer. However, supported versions >> will be patched. >> >> There are ways to mitigate: >> >> http://windowsitpro.com/windows/all-hands-deck-zero-day-reported-wild- >> affects-ie6-11 >> >> >> *From:*[email protected] >> <mailto:[email protected]> >> [mailto:[email protected]] *On Behalf Of *David McSpadden >> *Sent:* Monday, April 28, 2014 1:05 PM >> *To:* [email protected] >> <mailto:[email protected]> >> *Subject:* RE: [NTSysADM] IE exploit >> >> Is it just XP or am I wrong that the 7’s, 8’s, and Server OS’s also an >> issue the way I am reading it. >> >> Especially if they have Adobe Flash (Not sure of version) and the >> website being visited using VML. >> >> ?? >> >> *From:*[email protected] >> <mailto:[email protected]> >> [mailto:[email protected]] *On Behalf Of *Rod Trent >> *Sent:* Monday, April 28, 2014 12:59 PM >> *To:* [email protected] >> <mailto:[email protected]> >> *Subject:* RE: [NTSysADM] IE exploit >> >> The is the first in a coming list of exploits that Windows XP will be >> vulnerable to forever. >> >> *From:*[email protected] >> <mailto:[email protected]> >> [mailto:[email protected]] *On Behalf Of *Jonathan Link >> *Sent:* Monday, April 28, 2014 12:51 PM >> *To:* [email protected] >> <mailto:[email protected]> >> *Subject:* Re: [NTSysADM] IE exploit >> >> It's really bad if you're still running XP in your environment... >> >> On Mon, Apr 28, 2014 at 12:38 PM, David McSpadden <[email protected] >> <mailto:[email protected]>> wrote: >> >> Any reason for concern? >> >> This e-mail and any files transmitted with it are property of >> Indiana Members Credit Union, are confidential, and are intended >> solely for the use of the individual or entity to whom this e-mail >> is addressed. If you are not one of the named recipient(s) or >> otherwise have reason to believe that you have received this >> message in error, please notify the sender and delete this message >> immediately from your computer. Any other use, retention, >> dissemination, forwarding, printing, or copying of this email is >> strictly prohibited. >> >> Please consider the environment before printing this email. >> >> This e-mail and any files transmitted with it are property of Indiana >> Members Credit Union, are confidential, and are intended solely for >> the use of the individual or entity to whom this e-mail is addressed. >> If you are not one of the named recipient(s) or otherwise have reason >> to believe that you have received this message in error, please notify >> the sender and delete this message immediately from your computer. Any >> other use, retention, dissemination, forwarding, printing, or copying >> of this email is strictly prohibited. >> >> Please consider the environment before printing this email. >> >> This e-mail and any files transmitted with it are property of Indiana >> Members Credit Union, are confidential, and are intended solely for >> the use of the individual or entity to whom this e-mail is addressed. >> If you are not one of the named recipient(s) or otherwise have reason >> to believe that you have received this message in error, please notify >> the sender and delete this message immediately from your computer. Any >> other use, retention, dissemination, forwarding, printing, or copying >> of this email is strictly prohibited. >> >> Please consider the environment before printing this email. >> > -- > Got your CryptoLocker prevention in place? > http://www.thirdtier.net/2013/10/cryptolocker-prevention-kit-updates/ > Our last day of XP patching. Wave it goodbye. > > > > > > > > > -- Got your CryptoLocker prevention in place? http://www.thirdtier.net/2013/10/cryptolocker-prevention-kit-updates/ Our last day of XP patching. Wave it goodbye.
