cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 11 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

Hi Ex_brit,

i had also logged a case with McAfee support regarding this cve 2014-1776, and tried to call them, been put on hold for a long time, no respond from them.

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

Yes the support portal would be the best ones to push on this question.   I realise they are busy.  The examples I posted were merely to show that McAfee does act quickly on such things as such exploits are nothing new....I'm sure they are working on this one as we speak.  Anyway, I'm on the consumer side and only a volunteer here, so I can only hope that someone from the company chimes in here.

Former Member
Not applicable
Report Inappropriate Content
Message 13 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

Ex_Brit & Haydon...

I guess that is the exact point - there isn't a posting on the threat advisory web site that they are working on this.  As it turns out my account rep directed me to the  McAfee Labs Security Advisories mailing list.  I was just looking for an acknowledgment from McAfee that they are working on this.  Its sort of tough telling management  'I think McAfee is looking at this'...  Now that I am on the mailing list hopefully I will get that information I need for questions I'm being asked about this.  It would be helpful if they put the 'we are looking into this' on their web site too to prevent this sort of discussion.

 



Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

I'm afraid I don't know anyone who deals with Enterprise/Consumer advisories so can't pull strings, sorry.

I will try someone who deals with the antivirus database to see if they know anything, however.

Message was edited by: Ex_Brit on 28/04/14 10:41:39 EDT AM

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

OK I heard back from the labs contact I have.

Analysis is ongoing and should figure in the next MTIS update.

Former Member
Not applicable
Report Inappropriate Content
Message 16 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

Well, nearly 72 hours in and Symantec has a signature, but McAfee apparenly cant be bothered to even acknowlege the issue....but don't worry, the have the "I Love You" virus well in hand.

malware-alerts
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 17 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

I'll play Devil's advocate here.

McAfee isn't the only one without a peep about a signature (as of Apr28th)

TrendMicro: nothing

Sophos: nothing

Kaspersky: nothing.

Hayton
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 18 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

Adobe have issued an Advisory. Curiously, they give a different CVE reference - CVE-2014-0515

So just apply the emergency Flash update.

http://krebsonsecurity.com/2014/04/adobe-update-nixes-flash-player-zero-day

http://helpx.adobe.com/security/products/flash-player/apsb14-13.html

Message was edited by: Hayton on 28/04/14 20:20:11 IST

Message was edited by: Hayton on 28/04/14 20:24:31 IST
Former Member
Not applicable
Report Inappropriate Content
Message 19 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

Unless I am mistaken, these are two separate zero-days... One for IE and one for Flash, no?

Hayton wrote:

Just apply the emergency Flash update.

http://krebsonsecurity.com/2014/04/adobe-update-nixes-flash-player-zero-day

http://helpx.adobe.com/security/products/flash-player/apsb14-13.html

Hayton
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 20 of 59

Re: cve 2014-1776 IE Zero Day Exploit - Any News from McAfee??

Of course. My mistake. It's been one of those days   Their Advisory says the notification came from Kaspersky, and the CVE number is different (which I did at least notice). So this is still open awaiting word from McAfee.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community