[gui-talk] does anyone know about this

Gregory D. Rosenberg gregg at ricis.com
Wed Apr 30 00:28:57 UTC 2014 

On Apr 29, 2014, at 16:26 CDT, Mike Freeman <k7uij at panix.com> wrote:

> There isn't a browser alive that hasn't got security issues. Since an
> apparent fix to the *real* problem is in the works, I'm not going to panic
> over it. Besides, what's to say the firefox site isn't corrupted?
> 
> Mike
> 

I am on an iMac. I run VMware Fusion with a variety of VMs. Plus I have several VMware ESXi servers that I run VMs on. I keep a read-only VM for dangerous browsing. When done it restarts and goes back to the original installed values. It gets patched by hand once a week. Then I make it read-only again.  


> 
> -----Original Message-----
> From: gui-talk [mailto:gui-talk-bounces at nfbnet.org] On Behalf Of Hoffman,
> Allen
> Sent: Tuesday, April 29, 2014 1:52 PM
> To: Discussion of the Graphical User Interface, GUI Talk Mailing List
> Subject: Re: [gui-talk] does anyone know about this
> 
> For one, learning Firefox was not hard for me at all.  Chrome is a bit more
> challenging in my view, and has some accessibility issues.
> 
> 
> -----Original Message-----
> From: gui-talk [mailto:gui-talk-bounces at nfbnet.org] On Behalf Of Gregory D.
> Rosenberg
> Sent: Tuesday, April 29, 2014 4:23 PM
> To: Discussion of the Graphical User Interface, GUI Talk Mailing List
> Subject: Re: [gui-talk] does anyone know about this
> 
> Mike,
> 
> Do you have a reverse-engineered copy of the exploit or can you please site
> your source. My understanding from all I have read is that Flash was just
> one such vector.
> 
> On Apr 28, 2014, at 22:15 CDT, Mike Freeman <k7uij at panix.com> wrote:
> 
>> If you disable the Flash plugin for Internet Explorer, the hack won't work
>> as it employs a corrupted Flash file to accomplish its evil.
>> 
>> Mike
>> 
>> 
>> -----Original Message-----
>> From: gui-talk [mailto:gui-talk-bounces at nfbnet.org] On Behalf Of Gregory
> D.
>> Rosenberg
>> Sent: Monday, April 28, 2014 7:35 PM
>> To: Discussion of the Graphical User Interface, GUI Talk Mailing List
>> Cc: NFB of Illinois Mailing List
>> Subject: Re: [gui-talk] does anyone know about this
>> 
>> Rob,
>> 
>> 1) In layman's terms. Stop using Internet Explorer and switch to Chrome,
>> Firefox, or Safari.
>> 
>> Researchers at security company FireEye have found a flaw in Internet
>> Explorer that could let hackers easily slip a virus on to your computer.
>> This also opens the doors for criminals. 
>> 
>> This flaw is present in every version of Internet Explorer stretching back
>> more than a decade. Version 6.0 through the latest IE incarnation. The
>> Internet Explorer browser is vulnerable on all versions of Windows.
>> 
>> The bug is a drive-by hack; all you have to do is visit a website that
>> hackers have hijacked or modified and you're infected.
>> 
>> There is no permanent fix and Microsoft is still researching the problem.
>> Microsoft advises using another browser until they fix this issue. 
>> 
>> This will potentially be a serious impact for those with no vision at all.
>> If they have to learn their way around a different browser.
>> 
>> 2) For those more technical.
>> 
>> US-CERT is aware of active exploitation of a use-after-free vulnerability
> in
>> Microsoft Internet Explorer. This vulnerability affects IE versions 6
>> through 11 and could allow unauthorized remote code execution.
>> US-CERT recommends that users and administrators review Microsoft Security
>> Advisory 2963983 for mitigation actions and workarounds. Those who cannot
>> follow Microsoft's recommendations, such as Windows XP users, may consider
>> employing an alternate browser.
>> For more details, please see VU#222929.
>> 
>> 3) For further reading:
>> 
>> 
> http://blogs.technet.com/b/msrc/archive/2014/04/26/microsoft-releases-securi
>> ty-advisory.aspx
>> 
>> 
> http://www.infoworld.com/t/microsoft-windows/us-cert-and-kb-2963983-dont-use
>> -drive-enabled-internet-explorer-241467
>> 
>> 
>> 
>> 
>> 
>> On Apr 28, 2014, at 20:53 CDT, Rob Kaiser <rcubfank at sbcglobal.net> wrote:
>> 
>>> I just heard on the news that there is a security issue with internet
>> explorer. 
>>> 
>>> I heard that Microsoft is advising that people use a differnet different
>> web browser. 
>>> 
>>> Does anyone know the particulars on this?
>>> 
>>> Thanks. 
>>> 
>>> _______________________________________________
>>> gui-talk mailing list
>>> gui-talk at nfbnet.org
>>> http://nfbnet.org/mailman/listinfo/gui-talk_nfbnet.org
>>> To unsubscribe, change your list options or get your account info for
>> gui-talk:
>>> http://nfbnet.org/mailman/options/gui-talk_nfbnet.org/gregg%40ricis.com
>> 
>> 
>> 
>> P.S. Text the word BLIND to 85944 to donate $10 to the NFB Imagination
> Fund
>> via your phone bill.
>> 
>> The National Federation of the Blind knows that blindness is not the
>> characteristic that defines you or your future. Every day we raise the
>> expectations of blind people, because low expectations create obstacles
>> between blind people and our dreams. You can have the life you want;
>> blindness is not what holds you back. 
>> 
>> --
>> 73' & 75'
>> Gregory D. Rosenberg AB9MZ
>> gregg at ricis.com
>> 
>> RICIS, Inc.
>> 7849 Bristol Park Drive
>> Tinley Park, IL 60477-4594
>> http://www.ricis.com
>> 
>> 708-267-6664 Cell 
>> 708-444-2690 Office
>> 708-444-1115 Fax 
>> (Please call before sending a fax)
>> 
>> 
>> 
>> 
>> NOTICE: This e-mail message and all attachments transmitted with it are
>> intended solely for the use of the addressee and may contain legally
>> privileged and confidential information. If the reader of this message is
>> not the intended recipient, or an employee or agent responsible for
>> delivering this message to the intended recipient, you are hereby notified
>> that any dissemination, distribution, copying, or other use of this
> message
>> or its attachments is strictly prohibited. If you have received this
> message
>> in error, please notify the sender immediately by replying to this message
>> and please delete it from your computer.
>> 
>> 
>> _______________________________________________
>> gui-talk mailing list
>> gui-talk at nfbnet.org
>> http://nfbnet.org/mailman/listinfo/gui-talk_nfbnet.org
>> To unsubscribe, change your list options or get your account info for
>> gui-talk:
>> http://nfbnet.org/mailman/options/gui-talk_nfbnet.org/k7uij%40panix.com
>> 
>> 
>> _______________________________________________
>> gui-talk mailing list
>> gui-talk at nfbnet.org
>> http://nfbnet.org/mailman/listinfo/gui-talk_nfbnet.org
>> To unsubscribe, change your list options or get your account info for
> gui-talk:
>> http://nfbnet.org/mailman/options/gui-talk_nfbnet.org/gregg%40ricis.com
> 
> 
> 
> P.S. Text the word BLIND to 85944 to donate $10 to the NFB Imagination Fund
> via your phone bill.
> 
> The National Federation of the Blind knows that blindness is not the
> characteristic that defines you or your future. Every day we raise the
> expectations of blind people, because low expectations create obstacles
> between blind people and our dreams. You can have the life you want;
> blindness is not what holds you back. 
> 
> --
> 73' & 75'
> Gregory D. Rosenberg AB9MZ
> gregg at ricis.com
> 
> RICIS, Inc.
> 7849 Bristol Park Drive
> Tinley Park, IL 60477-4594
> http://www.ricis.com
> 
> 708-267-6664 Cell 
> 708-444-2690 Office
> 708-444-1115 Fax 
> (Please call before sending a fax)
> 
> 
> 
> 
> NOTICE: This e-mail message and all attachments transmitted with it are
> intended solely for the use of the addressee and may contain legally
> privileged and confidential information. If the reader of this message is
> not the intended recipient, or an employee or agent responsible for
> delivering this message to the intended recipient, you are hereby notified
> that any dissemination, distribution, copying, or other use of this message
> or its attachments is strictly prohibited. If you have received this message
> in error, please notify the sender immediately by replying to this message
> and please delete it from your computer.
> 
> 
> _______________________________________________
> gui-talk mailing list
> gui-talk at nfbnet.org
> http://nfbnet.org/mailman/listinfo/gui-talk_nfbnet.org
> To unsubscribe, change your list options or get your account info for
> gui-talk:
> http://nfbnet.org/mailman/options/gui-talk_nfbnet.org/allen.hoffman%40hq.dhs
> .gov
> 
> 
> _______________________________________________
> gui-talk mailing list
> gui-talk at nfbnet.org
> http://nfbnet.org/mailman/listinfo/gui-talk_nfbnet.org
> To unsubscribe, change your list options or get your account info for
> gui-talk:
> http://nfbnet.org/mailman/options/gui-talk_nfbnet.org/k7uij%40panix.com
> 
> 
> _______________________________________________
> gui-talk mailing list
> gui-talk at nfbnet.org
> http://nfbnet.org/mailman/listinfo/gui-talk_nfbnet.org
> To unsubscribe, change your list options or get your account info for gui-talk:
> http://nfbnet.org/mailman/options/gui-talk_nfbnet.org/gregg%40ricis.com



P.S. Text the word BLIND to 85944 to donate $10 to the NFB Imagination Fund via your phone bill.

The National Federation of the Blind knows that blindness is not the characteristic that defines you or your future. Every day we raise the expectations of blind people, because low expectations create obstacles between blind people and our dreams. You can have the life you want; blindness is not what holds you back. 

--
73' & 75'
Gregory D. Rosenberg AB9MZ
gregg at ricis.com

RICIS, Inc.
7849 Bristol Park Drive
Tinley Park, IL 60477-4594
http://www.ricis.com

708-267-6664 Cell 
708-444-2690 Office
708-444-1115 Fax 
(Please call before sending a fax)




NOTICE: This e-mail message and all attachments transmitted with it are intended solely for the use of the addressee and may contain legally privileged and confidential information. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution, copying, or other use of this message or its attachments is strictly prohibited. If you have received this message in error, please notify the sender immediately by replying to this message and please delete it from your computer.

More information about the GUI-Talk mailing list