Not even IE, it’s a close 2nd IMHO. Z
Edward E. Ziots, CISSP, CISA, CRISC, Security +, Network + Security Engineer Lifespan Organization [email protected]<mailto:[email protected]> Work:401-255-2497 This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. [cid:[email protected]] From: [email protected] [mailto:[email protected]] On Behalf Of Adm Sent: Tuesday, April 29, 2014 8:24 AM To: [email protected] Subject: Re: [NTSysADM] IE exploit Not even IE? On Tuesday, April 29, 2014, Ziots, Edward <[email protected]<mailto:[email protected]>> wrote: Java sucks period, nothing is worse… not even Adobe. Z Edward E. Ziots, CISSP, CISA, CRISC, Security +, Network + Security Engineer Lifespan Organization [email protected]<javascript:_e(%7B%7D,'cvml','[email protected]');> Work:401-255-2497 This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. [cid:[email protected]] From: [email protected]<javascript:_e(%7B%7D,'cvml','[email protected]');> [mailto:[email protected]<javascript:_e(%7B%7D,'cvml','[email protected]');>] On Behalf Of Andrew S. Baker Sent: Monday, April 28, 2014 5:58 PM To: ntsysadm Subject: Re: [BULK] RE: [NTSysADM] IE exploit Except for Java. Even I don't hate them enough to make them take the fall for that.... But it is close. ASB http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker> Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market… On Mon, Apr 28, 2014 at 5:39 PM, Matthew W. Ross <[email protected]<mailto:[email protected]>> wrote: Can we blame adobe for everything? They would make a great scapegoat. --Matt Ross Ephrata School District Rod Trent <[email protected]<mailto:[email protected]>> , 4/28/2014 2:33 PM: I blame Adobe. -----Original Message----- From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Susan Bradley Sent: Monday, April 28, 2014 5:15 PM To: [email protected]<mailto:[email protected]> Subject: Re: [NTSysADM] IE exploit Hang on, it's not the same exploit. You are confusing two Flash vectors. The zero day via Fireeye is CVE-2014-1776 http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html The Flash patch below is a totally different Flash patch and it's from Adobe. http://helpx.adobe.com/security/products/flash-player/apsb14-09.html It's just via Microsoft becasuse they stuck Flash in their browser and thus they update it. *CVE number:* CVE-2014-0506, CVE-2014-0507, CVE-2014-0508, CVE-2014-0509 Two totally different issues. Microsoft will patch all supported browsers for the weekend zero day when it's ready. The flash patch is just a Flash update. On 4/28/2014 2:00 PM, Rod Trent wrote: > > BTW: Microsoft has a patch ready for IE10 and IE11 only – for Windows > 8.x and Windows Server 2012… > > http://windowsitpro.com/msrc/flash-fix-ie-10-and-ie-11-only > > *From:*[email protected] -- smsadm
