ITS Announcements - Coastal Carolina University Announcements http://www.coastal.edu/its/ Coastal Carolina University Spirit/HTC communications scheduled maintenance to affect internet services DATESfrom 7252014 120000 AM until 7252014 40000 AMbrbrIMPACTThis is a serviceaffecting advisory http://www.coastal.edu/its/announcements/portal.html?id=686 Fri, 18 Jul 2014 12:17:20 EDT Vulnerability in Adobe Flash Player Could Allow Remote Code Execution html xmlnsvurnschemasmicrosoftcomvml xmlnsournschemasmicrosoftcomofficeoffice xmlnswurnschemasmicrosoftcomofficeword xmlnsmhttpschemasmicrosoftcomoffice200412omml xmlnshttpwwww3orgTRREChtml40headmeta httpequivContentType contenttexthtml charsetiso88591meta nameGenerator contentMicrosoft Word 14 filtered mediumif msostylev behaviorurldefaultVMLo behaviorurldefaultVMLw behaviorurldefaultVMLshape behaviorurldefaultVMLstyleendifstyle Font Definitions fontfacefontfamilyWingdingspanose15 0 0 0 0 0 0 0 0 0fontfacefontfamilyWingdingspanose15 0 0 0 0 0 0 0 0 0fontfacefontfamilyCalibripanose12 15 5 2 2 2 4 3 2 4fontfacefontfamilyTahomapanose12 11 6 4 3 5 4 4 2 4 Style Definitions pMsoNormal liMsoNormal divMsoNormalmargin0inmarginbottom0001ptfontsize110ptfontfamilyCalibrisansserifalink spanMsoHyperlinkmsostylepriority99colorbluetextdecorationunderlineavisited spanMsoHyperlinkFollowedmsostylepriority99colorpurpletextdecorationunderlinepMsoAcetate liMsoAcetate divMsoAcetatemsostylepriority99msostylelinkBalloon Text Charmargin0inmarginbottom0001ptfontsize80ptfontfamilyTahomasansserifpMsoListParagraph liMsoListParagraph divMsoListParagraphmsostylepriority34margintop0inmarginright0inmarginbottom100ptmarginleft5inlineheight115fontsize110ptfontfamilyCalibrisansserifmsofareastlanguageZHCNspanEmailStyle17msostyletypepersonalcomposefontfamilyCalibrisansserifcolorwindowtextspanBalloonTextCharmsostylenameBalloon Text Charmsostylepriority99msostylelinkBalloon TextfontfamilyTahomasansserifMsoChpDefaultmsostyletypeexportonlyfontfamilyCalibrisansserifpage WordSection1size85in 110inmargin10in 10in 10in 10indivWordSection1pageWordSection1 List Definitions list l0msolistid889264414msolisttypehybridmsolisttemplateids1666144032 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693list l0level1msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft125intextindent25infontfamilySymbollist l0level2msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionleftmarginleft175intextindent25infontfamilyCourier Newlist l0level3msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionleftmarginleft225intextindent25infontfamilyWingdingslist l0level4msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft275intextindent25infontfamilySymbollist l0level5msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionleftmarginleft325intextindent25infontfamilyCourier Newlist l0level6msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionleftmarginleft375intextindent25infontfamilyWingdingslist l0level7msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft425intextindent25infontfamilySymbollist l0level8msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionleftmarginleft475intextindent25infontfamilyCourier Newlist l0level9msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionleftmarginleft525intextindent25infontfamilyWingdingslist l1msolistid1016152580msolisttypehybridmsolisttemplateids123756540 67698689 503485258 730143842 67698689 67698691 67698693 67698689 67698691 67698693list l1level1msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft405pttextindent2025ptfontfamilySymbolmsoansifontweightboldlist l1level2msolevelstartat0msolevelnumberformatbulletmsoleveltext00B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft765pttextindent2025ptfontfamilyTimes New RomanserifmsofareastfontfamilyTimes New Romanlist l1level3msolevelstartat0msolevelnumberformatbulletmsoleveltext2022msoleveltabstopnonemsolevelnumberpositionleftmarginleft1290pttextindent3675ptfontfamilyTimes New RomanserifmsofareastfontfamilyCalibrilist l1level4msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft14625pttextindent25infontfamilySymbollist l1level5msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionleftmarginleft18225pttextindent25infontfamilyCourier Newlist l1level6msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionleftmarginleft21825pttextindent25infontfamilyWingdingslist l1level7msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft25425pttextindent25infontfamilySymbollist l1level8msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionleftmarginleft29025pttextindent25infontfamilyCourier Newlist l1level9msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionleftmarginleft32625pttextindent25infontfamilyWingdingslist l2msolistid1471551277msolisttypehybridmsolisttemplateids1721964042 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693list l2level1msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l2level2msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l2level3msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l2level4msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l2level5msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l2level6msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l2level7msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l2level8msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l2level9msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l3msolistid1891728398msolisttypehybridmsolisttemplateids806300006 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693list l3level1msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l3level2msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l3level3msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l3level4msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l3level5msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l3level6msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l3level7msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l3level8msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l3level9msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingsolmarginbottom0inulmarginbottom0instyleif gte mso 9xmloshapedefaults vextedit spidmax1026 xmlendifif gte mso 9xmloshapelayout vexteditoidmap vextedit data1 oshapelayoutxmlendifheadbody langENUS linkblue vlinkpurplediv classWordSection1table classMsoNormalTable border0 cellspacing0 cellpadding0 stylebordercollapsecollapsetbodytrtd width103 valigntop stylewidth7755ptpadding0in 54pt 0in 54ptp classMsoNormalimg width89 height89 idPicture_x0020_2 srcimagesSCISACbmpbspan stylefontsize120ptmsofareastlanguageZHCNopopspanbptdtd width487 stylewidth36525ptpadding0in 54pt 0in 54ptp classMsoNormalbspan stylefontsize140ptDIS SCISACspanbbspan stylefontsize140ptmsofareastlanguageZHCNopopspanbpp classMsoNormalbspan stylefontsize140ptDivision of Information Securityopopspanbpp classMsoNormalbspan stylefontsize140ptSouth Carolina Information Sharing and Analysis Centerspanbspan stylefontsize120ptmsofareastlanguageZHCNopopspanptdtrtbodytablep classMsoNormalspan stylemsofareastlanguageZHCNopnbspopspanpp classMsoNormalbSECURITY ADVISORYbopoppp classMsoNormalopnbspoppp classMsoNormalbDATE ISSUEDb nbspnbsp 512014span stylecolorredopopspanpp classMsoNormal stylemsomargintopaltautomsomarginbottomaltautobSUBJECTnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspbspan stylecolorblackVulnerability in Adobe Flash PlayernbspCould Allow Remote Code Executionnbspopopspanpp classMsoNormal stylemsomargintopaltautomsomarginbottomaltautobEXECUTIVE SUMMARYopopbpp classMsoNormal stylepagebreakafteravoidA vulnerability has been discovered in Adobe Flash Player Adobe Flash Player is a widely distributed multimedia and application player used to enhance the user experience when visiting web pages or reading email messagesnbspSuccessful exploitation of this vulnerability could result in an attacker gaining the same privileges as the logged on user Depending on the privileges associated with the user an attacker could then install programs view change or delete data or create new accounts with full user rightsnbspFailed exploit attempts will likely cause denialofservice conditionsopoppp classMsoNormal stylepagebreakafteravoidbopnbspopbpp classMsoNormal stylepagebreakafteravoidbTHREAT INTELLIGENCEopopbpp classMsoNormalbopnbspopbpp classMsoNormalbThis vulnerability is currently being exploited in the wild Kaspersky Lab has reported that an active exploit for this vulnerability was discovered on a compromised website at hxxpjpicdotgovdotsybopoppp classMsoNormalbspan stylecolorblackopnbspopspanbpp classMsoNormalbspan stylecolorblackTECHNICAL SUMMARYopopspanbpp classMsoNormalbspan stylecolorblackopnbspopspanbpp classMsoNormalspan stylecolorblackAdobe Flash Player is prone to a remote buffer overflow vulnerability This vulnerability exists in the Pixel Bender component of Adobe Flash The vulnerability may be exploited in a way that could allow an attacker to execute arbitrary code in the context of the current user within Adobe Flash An attacker could host a website with a specially crafted Small Web Format SWF file designed to take advantage of this vulnerability and then convince or trick an unsuspecting user to visit their siteopopspanpp classMsoNormalspan stylecolorblacknbspopopspanpp classMsoNormalspan stylecolorblackSuccessful exploitation of this vulnerability could result in an attacker gaining the same privileges as the logged on user Depending on the privileges associated with the user an attacker could then install programs view change or delete data or create new accounts with full user rightsopopspanpp classMsoNormalbopnbspopbpp classMsoNormalbopnbspopbpp classMsoNormalbopnbspopbpp classMsoNormalbopnbspopbpp classMsoNormalbopnbspopbpp classMsoNormalbopnbspopbpp classMsoNormalbSYSTEMS AFFECTEDopopbpp classMsoNormalbopnbspopbpp classMsoListParagraph stylemarginbottom0inmarginbottom0001pttextindent25inmsolistl3 level1 lfo1if supportListsspan stylefontsize120ptlineheight115fontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt quotTimes New Romanquotnbspnbspnbspnbspnbspnbspnbspnbspspanspanspanendifspan stylefontsize120ptlineheight115fontfamilyquotTimes New RomanquotquotserifquotcolorblackAdobe Flash Player 1300182 and earlier versions for Windowsopopspanpp classMsoListParagraph stylemarginbottom0inmarginbottom0001pttextindent25inmsolistl3 level1 lfo1if supportListsspan stylefontsize120ptlineheight115fontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt quotTimes New Romanquotnbspnbspnbspnbspnbspnbspnbspnbspspanspanspanendifspan stylefontsize120ptlineheight115fontfamilyquotTimes New RomanquotquotserifquotcolorblackAdobe Flash Player 1300201 and earlier versions for Macintoshopopspanpp classMsoListParagraph stylemarginbottom0inmarginbottom0001pttextindent25inmsolistl3 level1 lfo1if supportListsspan stylefontsize120ptlineheight115fontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt quotTimes New Romanquotnbspnbspnbspnbspnbspnbspnbspnbspspanspanspanendifspan stylefontsize120ptlineheight115fontfamilyquotTimes New RomanquotquotserifquotcolorblackAdobe Flash Player 112202350 and earlier versions for Linuxopopspanpp classMsoNormalbspan stylefontsize120ptfontfamilyquotTimes New Romanquotquotserifquotopnbspopspanbpp classMsoNormalbRISKopopbpp classMsoNormalbGovernmentopopbpp classMsoNormal stylemarginleft405pttextindent2025ptmsolistl1 level1 lfo2if supportListsspan stylefontfamilySymbolspan stylemsolistIgnorespan stylefont70pt quotTimes New RomanquotnbspnbspnbspnbspnbspnbspnbspnbspnbspspanspanspanendifLarge and medium government entitiesnbspbHighopopbpp classMsoNormal stylemarginleft405pttextindent2025ptmsolistl1 level1 lfo2if supportListsspan stylefontfamilySymbolspan stylemsolistIgnorespan stylefont70pt quotTimes New RomanquotnbspnbspnbspnbspnbspnbspnbspnbspnbspspanspanspanendifSmall government entitiesnbspbHighbopoppp classMsoNormal stylemarginleft5inbopnbspopbpp classMsoNormalbBusinessesopopbpul stylemargintop0in typediscli classMsoNormal stylemsolistl2 level1 lfo3Large and medium business entitiesnbspbHighopopblili classMsoNormal stylemsolistl2 level1 lfo3Small business entitiesnbspbHighopopbliulp classMsoNormal stylemarginleft5inbnbspopopbpp classMsoNormalbHome users Highopopbpp classMsoNormal stylemarginleft5inbnbspopopbpp classMsoNormalbRECOMMENDATIONSopopbpp classMsoNormalbopnbspopbpp classMsoNormalbWe recommend the following actions be takenopopbpp classMsoNormalbopnbspopbpp classMsoNormal stylemarginleft5intextindent25inmsolistl0 level1 lfo4if supportListsspan stylefontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt quotTimes New Romanquotnbspnbspnbspnbspnbspnbspnbspnbspspanspanspanendifspan stylecolorblackInstall the updates provided by Adobe immediately after appropriate testingopopspanpp classMsoNormal stylemarginleft5intextindent25inmsolistl0 level1 lfo4if supportListsspan stylefontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt quotTimes New Romanquotnbspnbspnbspnbspnbspnbspnbspnbspspanspanspanendifspan stylecolorblackRemind users not to visit untrusted websites or follow links provided by unknown or untrusted sourcesopopspanpp classMsoNormal stylemarginleft5intextindent25inmsolistl0 level1 lfo4if supportListsspan stylefontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt quotTimes New Romanquotnbspnbspnbspnbspnbspnbspnbspnbspspanspanspanendifspan stylecolorblackDo not open email attachments from unknown or untrusted sourcesopopspanpp classMsoNormal stylemarginleft5intextindent25inmsolistl0 level1 lfo4if supportListsspan stylefontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt quotTimes New Romanquotnbspnbspnbspnbspnbspnbspnbspnbspspanspanspanendifspan stylecolorblackbordernone windowtext 10ptpadding0inUninstallspanspan stylecolorblackAdobe Flash Playernbspopopspanpp classMsoNormalspan stylecolorblackbordernone windowtext 10ptpadding0inopnbspopspanpp classMsoNormalbspan stylecolorblackbordernone windowtext 10ptpadding0inREFERENCESopopspanbpp classMsoNormalbspan stylecolorblackbordernone windowtext 10ptpadding0inopnbspopspanbpp classMsoNormalbspan stylecolorblackAdobeopopspanbpp classMsoNormalbspan stylecolorblackopnbspopspanbpp classMsoNormal stylemarginleft5inspan stylecolorblacka hrefhttphelpxadobecomsecurityproductsflashplayerapsb1413html target_blankhttphelpxadobecomsecurityproductsflashplayerapsb1413htmlaopopspanpp classMsoNormalbspan stylecolorblacknbspopopspanbpp classMsoNormalbspan stylecolorblackCVEopopspanbpp classMsoNormalbspan stylecolorblackopnbspopspanbpp classMsoNormal stylemarginleft5inspan stylecolorblacka hrefhttpwwwcvemitreorgcgibincvenamecginameCVE20140515 target_blankhttpwwwcvemitreorgcgibincvenamecginameCVE20140515aopopspanpp classMsoNormal stylemarginleft5inbspan stylecolorblacknbspopopspanbpp classMsoNormalbspan stylecolorblackSecurelistopopspanbpp classMsoNormalbspan stylecolorblackopnbspopspanbpp classMsoNormal stylemarginleft5inspan stylecolorblacka hrefhttpwwwsecurelistcomenblog8212New_Flash_Player_0_day_CVE_2014_0515_used_in_watering_hole_attacks target_blankhttpwwwsecurelistcomenblog8212New_Flash_Player_0_day_CVE_2014_0515_used_in_watering_hole_attacksaopopspanpp classMsoNormalbspan stylecolorblackopnbspopspanbpp classMsoNormalPlease feel free to contact the SC ISAC if you have any questions or need any additional informationopoppp classMsoNormalopnbspoppp classMsoNormalThe SC ISAC will provide amplifying information as it becomes availablebopopbpp classMsoNormalbopnbspopbpp classMsoNormalbSCISAC Contact Informationopopbpp classMsoNormalbopnbspopbpp classMsoNormalEmail SCISACcioscgovopoppp classMsoNormalSC ISAC Security Line 8038961650opoppp classMsoNormal24hour hotline 431 8038960001opoppp classMsoNormalFax 431 8038960375opoppp classMsoNormalopnbspoppp classMsoNormalPostal addressopoppp classMsoNormalopnbspoppp classMsoNormalSCISACopoppp classMsoNormalDSIT Budget and Control Boardopoppp classMsoNormal4430 Broad River Roadopoppp classMsoNormalColumbia SC 29210opoppp classMsoNormalSCISAC is available via hotline 08001700 EST GMT5 EDT GMT4opoppp classMsoNormalMonday through Fridayopoppp classMsoNormalopnbspoppp classMsoNormalbUsing Encryptionopopbpp classMsoNormalbopnbspopbpp classMsoNormalWe strongly urge you to encrypt sensitive information sent by email Ouropoppp classMsoNormalpublic PGP key is available frombopopbpp classMsoNormalbopnbspopbpp classMsoNormalspan stylecolorblackhttpsscisacscgovsitepagescisacpublickeyopopspanpp classMsoNormalbopnbspopbpp classMsoNormalbNO WARRANTYopopbpp classMsoNormalbopnbspopbpp classMsoNormalAny material furnished by SCISAC is furnished on an quotas isquot basisopoppp classMsoNormalopnbspoppp classMsoNormalSCISAC makes no warranties of any kind either expressed or implied as to any matter including but not limited to warranty of fitness for a particular purpose or merchantability exclusivity or results obtained from use of the material SCISAC does not make any warranty of any kind with respect to freedom from patent trademark or copyright infringementopoppp classMsoNormalopnbspoppdivbodyhtml http://www.coastal.edu/its/announcements/portal.html?id=684 Thu, 08 May 2014 09:56:35 EDT Multiple Vulnerabilities in Google Chrome Could Allow Remote Code Execution html xmlnsvurnschemasmicrosoftcomvml xmlnsournschemasmicrosoftcomofficeoffice xmlnswurnschemasmicrosoftcomofficeword xmlnsmhttpschemasmicrosoftcomoffice200412omml xmlnshttpwwww3orgTRREChtml40headmeta httpequivContentType contenttexthtml charsetiso88591meta nameGenerator contentMicrosoft Word 14 filtered mediumif msostylev behaviorurldefaultVMLo behaviorurldefaultVMLw behaviorurldefaultVMLshape behaviorurldefaultVMLstyleendifstyle Font Definitions fontfacefontfamilyWingdingspanose15 0 0 0 0 0 0 0 0 0fontfacefontfamilyWingdingspanose15 0 0 0 0 0 0 0 0 0fontfacefontfamilyCalibripanose12 15 5 2 2 2 4 3 2 4fontfacefontfamilyTahomapanose12 11 6 4 3 5 4 4 2 4 Style Definitions pMsoNormal liMsoNormal divMsoNormalmargin0inmarginbottom0001ptfontsize120ptfontfamilyTimes New RomanserifmsofareastlanguageZHCNalink spanMsoHyperlinkmsostylepriority99colorbluetextdecorationunderlineavisited spanMsoHyperlinkFollowedmsostylepriority99colorpurpletextdecorationunderlinepMsoAcetate liMsoAcetate divMsoAcetatemsostylepriority99msostylelinkBalloon Text Charmargin0inmarginbottom0001ptfontsize80ptfontfamilyTahomasansserifmsofareastlanguageZHCNspanEmailStyle17msostyletypepersonalcomposefontfamilyCalibrisansserifcolorwindowtextspanBalloonTextCharmsostylenameBalloon Text Charmsostylepriority99msostylelinkBalloon TextfontfamilyTahomasansserifMsoChpDefaultmsostyletypeexportonlyfontfamilyCalibrisansserifpage WordSection1size85in 110inmargin10in 10in 10in 10indivWordSection1pageWordSection1 List Definitions list l0msolistid238440486msolisttypehybridmsolisttemplateids706386736 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693list l0level1msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft10intextindent25infontfamilySymbollist l0level2msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionleftmarginleft15intextindent25infontfamilyCourier Newlist l0level3msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionleftmarginleft20intextindent25infontfamilyWingdingslist l0level4msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft25intextindent25infontfamilySymbollist l0level5msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionleftmarginleft30intextindent25infontfamilyCourier Newlist l0level6msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionleftmarginleft35intextindent25infontfamilyWingdingslist l0level7msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft40intextindent25infontfamilySymbollist l0level8msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionleftmarginleft45intextindent25infontfamilyCourier Newlist l0level9msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionleftmarginleft50intextindent25infontfamilyWingdingslist l1msolistid341277890msolisttypehybridmsolisttemplateids210337164 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693list l1level1msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l1level2msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l1level3msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l1level4msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l1level5msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l1level6msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l1level7msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l1level8msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l1level9msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l2msolistid1016152580msolisttypehybridmsolisttemplateids123756540 67698689 503485258 730143842 67698689 67698691 67698693 67698689 67698691 67698693list l2level1msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft405pttextindent2025ptfontfamilySymbolmsoansifontweightboldlist l2level2msolevelstartat0msolevelnumberformatbulletmsoleveltext00B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft765pttextindent2025ptfontfamilyTimes New RomanserifmsofareastfontfamilyTimes New Romanlist l2level3msolevelstartat0msolevelnumberformatbulletmsoleveltext2022msoleveltabstopnonemsolevelnumberpositionleftmarginleft1290pttextindent3675ptfontfamilyTimes New RomanserifmsofareastfontfamilyCalibrilist l2level4msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft14625pttextindent25infontfamilySymbollist l2level5msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionleftmarginleft18225pttextindent25infontfamilyCourier Newlist l2level6msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionleftmarginleft21825pttextindent25infontfamilyWingdingslist l2level7msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft25425pttextindent25infontfamilySymbollist l2level8msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionleftmarginleft29025pttextindent25infontfamilyCourier Newlist l2level9msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionleftmarginleft32625pttextindent25infontfamilyWingdingslist l3msolistid1471551277msolisttypehybridmsolisttemplateids1721964042 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693list l3level1msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l3level2msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l3level3msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l3level4msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l3level5msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l3level6msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l3level7msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l3level8msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l3level9msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingsolmarginbottom0inulmarginbottom0instyleif gte mso 9xmloshapedefaults vextedit spidmax1026 xmlendifif gte mso 9xmloshapelayout vexteditoidmap vextedit data1 oshapelayoutxmlendifheadbody langENUS linkblue vlinkpurplediv classWordSection1table classMsoNormalTable border0 cellspacing0 cellpadding0 stylebordercollapsecollapsetbodytrtd width103 valigntop stylewidth7755ptpadding0in 54pt 0in 54ptp classMsoNormalspan stylemsofareastlanguageENUSimg width89 height89 idPicture_x0020_3 srcimagesSCISACbmpspanbopopbptdtd width487 stylewidth36525ptpadding0in 54pt 0in 54ptp classMsoNormalbspan stylefontsize140ptDIS SCISACopopspanbpp classMsoNormalbspan stylefontsize140ptDivision of Information Securityopopspanbpp classMsoNormalbspan stylefontsize140ptSouth Carolina Information Sharing and Analysis Centerspanbopopptdtrtbodytablep classMsoNormalopnbspoppp classMsoNormalbSECURITY ADVISORYbopoppp classMsoNormalopnbspoppp classMsoNormalbDATE ISSUEDb nbspnbspnbspnbspnbspnbsp 4282014span stylecolorredopopspanpp classMsoNormal stylemsomargintopaltautomsomarginbottomaltautobSUBJECTnbspnbspnbspbspan stylecolorblackMultiple Vulnerabilities in Google Chrome Could Allow Remote Code Executionopopspanpp classMsoNormal stylemsomargintopaltautomsomarginbottomaltautobEXECUTIVE SUMMARYopopbpp classMsoNormal stylepagebreakafteravoidMultiple vulnerabilities have been discovered in Google Chrome that could result in remote code execution Google Chrome is a web browser used to access the Internet These vulnerabilities can be exploited if a user visits or is redirected to a specially crafted web page Successful exploitation of these vulnerabilities could result in an attacker gaining the same privileges as the affected application Depending on the privileges associated with the application an attacker could then install programs view change or delete data or create new accounts with full user rightsopoppp classMsoNormal stylepagebreakafteravoidbopnbspopbpp classMsoNormal stylepagebreakafteravoidbTHREAT INTELLIGENCEopopbpp classMsoNormalbopnbspopbpp classMsoNormalAt this time there is no known proofofconcept code availableopoppp classMsoNormalbspan stylecolorblackopnbspopspanbpp classMsoNormalbspan stylecolorblackTECHNICAL SUMMARYopopspanbpp classMsoNormalbspan stylecolorblackopnbspopspanbpp classMsoNormalspan stylecolorblackMultiple vulnerabilities have been reported in Google Chrome Details of the vulnerabilities are as followsopopspanpul stylemargintop0in typediscli classMsoNormal stylecolorblackmsolistl1 level1 lfo1A security vulnerability exists due to a type confusion error in V8opoplili classMsoNormal stylecolorblackmsolistl1 level1 lfo1A security vulnerability exists due to a type confusion error in DOMopoplili classMsoNormal stylecolorblackmsolistl1 level1 lfo1A useafterfree vulnerability exists in the Speech Recognitionnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbspnbsp nbspnbspnbspnbspopoplili classMsoNormal stylecolorblackmsolistl1 level1 lfo1A security vulnerability exists that occurs due to an error in the compilation of SeccompBPFopoplili classMsoNormal stylecolorblackmsolistl1 level1 lfo1Multiple security vulnerabilities exist due to an unspecified errornbspnbspnbspnbspnbspnbspopoplili classMsoNormal stylecolorblackmsolistl1 level1 lfo1Multiple security vulnerabilities exist due to an unspecified error in V8opopliulp classMsoNormalspan stylecolorblacknbspnbspnbspnbspnbspopopspanpp classMsoNormalspan stylecolorblackThese vulnerabilities can be exploited if a user visits or is redirected to a specially crafted web pagenbspSuccessful exploitation could result in an attacker gaining the same privileges as the affected application Depending on the privileges associated with the application an attacker could then install programs view change or delete data or create new accounts with full user rights Failed exploit attempts will likely cause denialofservice conditionsopopspanpp classMsoNormalbopnbspopbpp classMsoNormalbopnbspopbpp classMsoNormalbSYSTEMS AFFECTEDopopbpp classMsoNormal stylemsomargintopaltautomsomarginbottomaltautospan stylecolorblackGoogle Chrome Prior to 3401847131opopspanpp classMsoNormal stylemsomargintopaltautomsomarginbottomaltautobRISKopopbpp classMsoNormalbGovernmentopopbpp classMsoNormal stylemarginleft405pttextindent2025ptmsolistl2 level1 lfo2if supportListsspan stylefontfamilySymbolspan stylemsolistIgnorespan stylefont70pt quotTimes New RomanquotnbspnbspnbspnbspnbspnbspnbspnbspnbspspanspanspanendifLarge and medium government entitiesnbspbHighopopbpp classMsoNormal stylemarginleft405pttextindent2025ptmsolistl2 level1 lfo2if supportListsspan stylefontfamilySymbolspan stylemsolistIgnorespan stylefont70pt quotTimes New RomanquotnbspnbspnbspnbspnbspnbspnbspnbspnbspspanspanspanendifSmall government entitiesnbspbHighbopoppp classMsoNormal stylemarginleft5inbopnbspopbpp classMsoNormalbBusinessesopopbpul stylemargintop0in typediscli classMsoNormal stylemsolistl3 level1 lfo3Large and medium business entitiesnbspbHighopopblili classMsoNormal stylemsolistl3 level1 lfo3Small business entitiesnbspbHighopopbliulp classMsoNormal stylemarginleft5inbnbspopopbpp classMsoNormalbHome users Highopopbpp classMsoNormal stylemarginleft5inbnbspopopbpp classMsoNormalbRECOMMENDATIONSopopbpp classMsoNormalbopnbspopbpp classMsoNormalbWe recommend the following actions be takenopopbpp classMsoNormalbopnbspopbpp classMsoNormal stylemarginleft10intextindent25inmsolistl0 level1 lfo4if supportListsspan stylefontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt quotTimes New Romanquotnbspnbspnbspnbspnbspnbspnbspnbspspanspanspanendifspan stylecolorblackUpdate vulnerable Google Chrome products immediately after appropriate testing by following the steps outlined by Googleopopspanpp classMsoNormal stylemarginleft10intextindent25inmsolistl0 level1 lfo4if supportListsspan stylefontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt quotTimes New Romanquotnbspnbspnbspnbspnbspnbspnbspnbspspanspanspanendifspan stylecolorblackRun all software as a nonprivileged user one without administrativenbspprivileges to diminish the effects of a successful attackopopspanpp classMsoNormal stylemarginleft10intextindent25inmsolistl0 level1 lfo4if supportListsspan stylefontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt quotTimes New Romanquotnbspnbspnbspnbspnbspnbspnbspnbspspanspanspanendifspan stylecolorblackRemind users not to visit untrusted websites or follow links provided by unknown or untrusted sourcesopopspanpp classMsoNormal stylemarginleft10intextindent25inmsolistl0 level1 lfo4if supportListsspan stylefontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt quotTimes New Romanquotnbspnbspnbspnbspnbspnbspnbspnbspspanspanspanendifspan stylecolorblackDo not open email attachments or click on URLs from unknown or untrusted sourcesopopspanpp classMsoNormal stylemarginleft5inspan stylefontsize100ptfontfamilyquotArialquotquotsansserifquotcolorblackopnbspopspanpp classMsoNormalbspan stylecolorblackbordernone windowtext 10ptpadding0inREFERENCESopopspanbpp classMsoNormalbspan stylecolorblackbordernone windowtext 10ptpadding0inopnbspopspanbpp classMsoNormal stylemarginleft5inbspan stylecolorblackGoogleopopspanbpp classMsoNormal stylemarginleft5inbspan stylecolorblackopnbspopspanbpp classMsoNormal stylemarginleft10inspan stylecolorblacka hrefhttpgooglechromereleasesblogspotcom201404stablechannelupdate_24htmlhttpgooglechromereleasesblogspotcom201404stablechannelupdate_24htmlanbspopopspanpp classMsoNormal stylemarginleft5inbspan stylecolorblacknbspopopspanbpp classMsoNormal stylemarginleft5inbspan stylecolorblackCVEbrbropopspanbpp classMsoNormal stylemarginleft10inspan stylecolorblacka hrefhttpcvemitreorgcgibincvenamecginameCVE20141730httpcvemitreorgcgibincvenamecginameCVE20141730aopopspanpp classMsoNormal stylemarginleft10inspan stylecolorblacka hrefhttpcvemitreorgcgibincvenamecginameCVE20141731httpcvemitreorgcgibincvenamecginameCVE20141731aopopspanpp classMsoNormal stylemarginleft10inspan stylecolorblacka hrefhttpcvemitreorgcgibincvenamecginameCVE20141732httpcvemitreorgcgibincvenamecginameCVE20141732aopopspanpp classMsoNormal stylemarginleft10inspan stylecolorblacka hrefhttpcvemitreorgcgibincvenamecginameCVE20141733httpcvemitreorgcgibincvenamecginameCVE20141733aopopspanpp classMsoNormal stylemarginleft10inspan stylecolorblacka hrefhttpcvemitreorgcgibincvenamecginameCVE20141734httpcvemitreorgcgibincvenamecginameCVE20141734aopopspanpp classMsoNormal stylemarginleft10inspan stylecolorblacka hrefhttpcvemitreorgcgibincvenamecginameCVE20141735httpcvemitreorgcgibincvenamecginameCVE20141735aopopspanpp classMsoNormal stylemarginleft10inspan stylecolorblacknbspopopspanpp classMsoNormal stylemarginleft5inbspan stylecolorblackSecurityFocusbrbropopspanbpp classMsoNormal stylemarginleft10inspan stylecolorblacka hrefhttpwwwsecurityfocuscombid67082httpwwwsecurityfocuscombid67082aopopspanpp classMsoNormal stylemarginleft5inspan stylecolorblacknbspopopspanpp classMsoNormalPlease feel free to contact the SC ISAC if you have any questions or need any additional informationopoppp classMsoNormalopnbspoppp classMsoNormalThe SC ISAC will provide amplifying information as it becomes availablebopopbpp classMsoNormalbopnbspopbpp classMsoNormalbSCISAC Contact Informationopopbpp classMsoNormalbopnbspopbpp classMsoNormalEmail SCISACcioscgovopoppp classMsoNormalSC ISAC Security Line 8038961650opoppp classMsoNormal24hour hotline 431 8038960001opoppp classMsoNormalFax 431 8038960375opoppp classMsoNormalopnbspoppp classMsoNormalPostal addressopoppp classMsoNormalopnbspoppp classMsoNormalSCISACopoppp classMsoNormalDSIT Budget and Control Boardopoppp classMsoNormal4430 Broad River Roadopoppp classMsoNormalColumbia SC 29210opoppp classMsoNormalSCISAC is available via hotline 08001700 EST GMT5 EDT GMT4opoppp classMsoNormalMonday through Fridayopoppp classMsoNormalopnbspoppp classMsoNormalbUsing Encryptionopopbpp classMsoNormalbopnbspopbpp classMsoNormalWe strongly urge you to encrypt sensitive information sent by email Ouropoppp classMsoNormalpublic PGP key is available frombopopbpp classMsoNormalbopnbspopbpp classMsoNormalspan stylecolorblackhttpsscisacscgovsitepagescisacpublickeyopopspanpp classMsoNormalbopnbspopbpp classMsoNormalbNO WARRANTYopopbpp classMsoNormalbopnbspopbpp classMsoNormalAny material furnished by SCISAC is furnished on an quotas isquot basisopoppp classMsoNormalopnbspoppp classMsoNormalSCISAC makes no warranties of any kind either expressed or implied as to any matter including but not limited to warranty of fitness for a particular purpose or merchantability exclusivity or results obtained from use of the material SCISAC does not make any warranty of any kind with respect to freedom from patent trademark or copyright infringementopoppp classMsoNormalspan stylefontsize110ptfontfamilyquotCalibriquotquotsansserifquotopnbspopspanpdivbodyhtml http://www.coastal.edu/its/announcements/portal.html?id=683 Tue, 29 Apr 2014 12:01:56 EDT UPDATED: Vulnerability in Internet Explorer Could Allow Remote Code Execution html xmlnsvurnschemasmicrosoftcomvml xmlnsournschemasmicrosoftcomofficeoffice xmlnswurnschemasmicrosoftcomofficeword xmlnsmhttpschemasmicrosoftcomoffice200412omml xmlnshttpwwww3orgTRREChtml40headmeta httpequivContentType contenttexthtml charsetWindows1252meta nameGenerator contentMicrosoft Word 14 filtered mediumif msostylev behaviorurldefaultVMLo behaviorurldefaultVMLw behaviorurldefaultVMLshape behaviorurldefaultVMLstyleendifstyle Font Definitions fontfacefontfamilyWingdingspanose15 0 0 0 0 0 0 0 0 0fontfacefontfamilyWingdingspanose15 0 0 0 0 0 0 0 0 0fontfacefontfamilyCalibripanose12 15 5 2 2 2 4 3 2 4fontfacefontfamilyTahomapanose12 11 6 4 3 5 4 4 2 4 Style Definitions pMsoNormal liMsoNormal divMsoNormalmargin0inmarginbottom0001ptfontsize120ptfontfamilyTimes New RomanserifmsofareastlanguageZHCNalink spanMsoHyperlinkmsostylepriority99colorbluetextdecorationunderlineavisited spanMsoHyperlinkFollowedmsostylepriority99colorpurpletextdecorationunderlinepMsoAcetate liMsoAcetate divMsoAcetatemsostylepriority99msostylelinkBalloon Text Charmargin0inmarginbottom0001ptfontsize80ptfontfamilyTahomasansserifmsofareastlanguageZHCNspanEmailStyle17msostyletypepersonalcomposefontfamilyCalibrisansserifcolorwindowtextspanBalloonTextCharmsostylenameBalloon Text Charmsostylepriority99msostylelinkBalloon TextfontfamilyTahomasansserifMsoChpDefaultmsostyletypeexportonlyfontfamilyCalibrisansserifpage WordSection1size85in 110inmargin10in 10in 10in 10indivWordSection1pageWordSection1 List Definitions list l0msolistid267737697msolisttypehybridmsolisttemplateids458856332 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693list l0level1msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l0level2msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l0level3msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l0level4msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l0level5msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l0level6msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l0level7msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l0level8msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l0level9msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l1msolistid294679793msolisttypehybridmsolisttemplateids907436188 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693list l1level1msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft3825pttextindent25infontfamilySymbollist l1level2msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionleftmarginleft7425pttextindent25infontfamilyCourier Newlist l1level3msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionleftmarginleft11025pttextindent25infontfamilyWingdingslist l1level4msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft14625pttextindent25infontfamilySymbollist l1level5msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionleftmarginleft18225pttextindent25infontfamilyCourier Newlist l1level6msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionleftmarginleft21825pttextindent25infontfamilyWingdingslist l1level7msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft25425pttextindent25infontfamilySymbollist l1level8msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionleftmarginleft29025pttextindent25infontfamilyCourier Newlist l1level9msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionleftmarginleft32625pttextindent25infontfamilyWingdingslist l2msolistid1016152580msolisttypehybridmsolisttemplateids123756540 67698689 503485258 730143842 67698689 67698691 67698693 67698689 67698691 67698693list l2level1msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft405pttextindent2025ptfontfamilySymbolmsoansifontweightboldlist l2level2msolevelstartat0msolevelnumberformatbulletmsoleveltext00B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft765pttextindent2025ptfontfamilyTimes New RomanserifmsofareastfontfamilyTimes New Romanlist l2level3msolevelstartat0msolevelnumberformatbulletmsoleveltext2022msoleveltabstopnonemsolevelnumberpositionleftmarginleft1290pttextindent3675ptfontfamilyTimes New RomanserifmsofareastfontfamilyCalibrilist l2level4msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft14625pttextindent25infontfamilySymbollist l2level5msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionleftmarginleft18225pttextindent25infontfamilyCourier Newlist l2level6msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionleftmarginleft21825pttextindent25infontfamilyWingdingslist l2level7msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionleftmarginleft25425pttextindent25infontfamilySymbollist l2level8msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionleftmarginleft29025pttextindent25infontfamilyCourier Newlist l2level9msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionleftmarginleft32625pttextindent25infontfamilyWingdingslist l3msolistid1471551277msolisttypehybridmsolisttemplateids1721964042 67698689 67698691 67698693 67698689 67698691 67698693 67698689 67698691 67698693list l3level1msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l3level2msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l3level3msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l3level4msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l3level5msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l3level6msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l3level7msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilySymbollist l3level8msolevelnumberformatbulletmsoleveltextomsoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyCourier Newlist l3level9msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstopnonemsolevelnumberpositionlefttextindent25infontfamilyWingdingslist l4msolistid1598557900msolisttemplateids1694981626list l4level1msolevelnumberformatbulletmsoleveltextF0B7msoleveltabstop5inmsolevelnumberpositionlefttextindent25inmsoansifontsize100ptfontfamilySymbollist l4level2msolevelnumberformatbulletmsoleveltextomsoleveltabstop10inmsolevelnumberpositionlefttextindent25inmsoansifontsize100ptfontfamilyCourier NewmsobidifontfamilyTimes New Romanlist l4level3msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstop15inmsolevelnumberpositionlefttextindent25inmsoansifontsize100ptfontfamilyWingdingslist l4level4msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstop20inmsolevelnumberpositionlefttextindent25inmsoansifontsize100ptfontfamilyWingdingslist l4level5msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstop25inmsolevelnumberpositionlefttextindent25inmsoansifontsize100ptfontfamilyWingdingslist l4level6msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstop30inmsolevelnumberpositionlefttextindent25inmsoansifontsize100ptfontfamilyWingdingslist l4level7msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstop35inmsolevelnumberpositionlefttextindent25inmsoansifontsize100ptfontfamilyWingdingslist l4level8msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstop40inmsolevelnumberpositionlefttextindent25inmsoansifontsize100ptfontfamilyWingdingslist l4level9msolevelnumberformatbulletmsoleveltextF0A7msoleveltabstop45inmsolevelnumberpositionlefttextindent25inmsoansifontsize100ptfontfamilyWingdingsolmarginbottom0inulmarginbottom0instyleif gte mso 9xmloshapedefaults vextedit spidmax1026 xmlendifif gte mso 9xmloshapelayout vexteditoidmap vextedit data1 oshapelayoutxmlendifheadbody langENUS linkblue vlinkpurplediv classWordSection1table classMsoNormalTable border0 cellspacing0 cellpadding0 stylebordercollapsecollapsetbodytrtd width103 valigntop stylewidth7755ptpadding0in 54pt 0in 54ptp classMsoNormalspan stylemsofareastlanguageENUSimg width89 height89 idPicture_x0020_2 srcimagesSCISACbmpspanbopopbptdtd width487 stylewidth36525ptpadding0in 54pt 0in 54ptp classMsoNormalbspan stylefontsize140ptDIS SCISACopopspanbpp classMsoNormalbspan stylefontsize140ptDivision of Information Securityopopspanbpp classMsoNormalbspan stylefontsize140ptSouth Carolina Information Sharing and Analysis Centerspanbopopptdtrtbodytablep classMsoNormalopoppp classMsoNormalbSECURITY ADVISORYbopoppp classMsoNormalopoppp classMsoNormalbDATE ISSUEDb 4282014opoppp classMsoNormal 512014 UPDATEDspan stylecolorredopopspanpp classMsoNormal stylemsomargintopaltautomsomarginbottomaltautobSUBJECTbspan stylecolorblackVulnerability in Internet Explorer Could Allow Remote Code Executionopopspanpp classMsoNormal stylemsomargintopaltautomsomarginbottomaltautobEXECUTIVE SUMMARYopopbpp classMsoNormal stylemsomargintopaltautomsomarginbottomaltautoA vulnerability is currently being exploited in Microsofts web browserspan stylecolorblack Internet Explorer which could allow an attacker to take complete control of an affected system Successful exploitation of this vulnerability could result in an attacker gaining the same privileges as the logged on user Depending on the privileges associated with the user an attacker could then install programs view change or delete data or create new accounts with full user rightsopopspanpp classMsoNormal stylemsomargintopaltautomsomarginbottomaltautobispan stylecolorblackUPDATED EXECUTIVE SUMMARYspanibspan stylecolorblackopopspanpp classMsoNormal stylemsomargintopaltautomsomarginbottomaltautobspan stylecolorblackMicrosoft released updates for Internet Explorer versions 6 through 11 on Windows XP and newerworkstations and Windows server 2003 and newer servers Please note that a security update for XP is available however organizations and users are strongly recommended toexpedite the migration plans for a newer operating system as Windows XP is endoflife as of April 2013 and will no longer be supported by Microsoftspanbspan stylecolorblackopopspanpp classMsoNormal stylepagebreakafteravoidbTHREAT INTELLIGENCEopopbpp classMsoNormalbopopbpp classMsoNormalIt should be noted bsspan stylecolorblackthat there is currently no patch available for this vulnerability andspansbspan stylefontsize100ptfontfamilyArialsansserifcolorblackspanit is currently being exploited in the wild Microsoft is reporting targeted attacks that attempt to exploit this vulnerability in Internet Explorer 6 through Internet Explorer 11opoppp classMsoNormalbspan stylecolorblackopopspanbpp classMsoNormalbspan stylecolorblackTECHNICAL SUMMARYopopspanbpp classMsoNormalbspan stylecolorblackopopspanbpp classMsoNormalspan stylecolorblackA vulnerability has been reported affecting all versions of Internet Explorer that could allow for remote code execution This vulnerability exists due to the way that Internet Explorer accesses an object in memory that has been deleted or has not been properly allocated The vulnerability may corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user within Internet Explorer An attacker could host a specially crafted website designed to take advantage of this vulnerability and then convince or trick an unsuspecting user to visit their siteopopspanpp classMsoNormalspan stylecolorblackopopspanpp classMsoNormalspan stylecolorblackSuccessful exploitation of this vulnerability could result in an attacker gaining the same privileges as the logged on user Depending on the privileges associated with the user an attacker could then install programs view change or delete data or create new accounts with full user rightsopopspanpp classMsoNormalspan stylecolorblackopopspanpp classMsoNormalbspan stylecolorblackIt should be noted that there is currently no patch available for this vulnerability and it is currently being exploited in the wild Microsoft is reporting targeted attacks that attempt to exploit this vulnerability in Internet Explorer 6 and Internet Explorer 11spanbspan stylecolorblackopopspanpp classMsoNormalbopopbpp classMsoNormalbSYSTEMS AFFECTEDopopbpul typediscli classMsoNormal stylecolorblackmsomargintopaltautomsomarginbottomaltautomsolistl0 level1 lfo1Microsoft Internet Explorer 6opoplili classMsoNormal stylecolorblackmsomargintopaltautomsomarginbottomaltautomsolistl0 level1 lfo1Microsoft Internet Explorer 7opoplili classMsoNormal stylecolorblackmsomargintopaltautomsomarginbottomaltautomsolistl0 level1 lfo1Microsoft Internet Explorer 8opoplili classMsoNormal stylecolorblackmsomargintopaltautomsomarginbottomaltautomsolistl0 level1 lfo1Microsoft Internet Explorer 9opoplili classMsoNormal stylecolorblackmsomargintopaltautomsomarginbottomaltautomsolistl0 level1 lfo1Microsoft Internet Explorer 10opoplili classMsoNormal stylecolorblackmsomargintopaltautomsomarginbottomaltautomsolistl0 level1 lfo1Microsoft Internet Explorer 11opopliulp classMsoNormal stylemsomargintopaltautomsomarginbottomaltautobRISKopopbpp classMsoNormalbGovernmentopopbpp classMsoNormal stylemarginleft405pttextindent2025ptmsolistl2 level1 lfo2if supportListsspan stylefontfamilySymbolspan stylemsolistIgnorespan stylefont70pt Times New RomanspanspanspanendifLarge and medium government entitiesbHighopopbpp classMsoNormal stylemarginleft405pttextindent2025ptmsolistl2 level1 lfo2if supportListsspan stylefontfamilySymbolspan stylemsolistIgnorespan stylefont70pt Times New RomanspanspanspanendifSmall government entitiesbHighbopoppp classMsoNormal stylemarginleft5inbopopbpp classMsoNormalbBusinessesopopbpul stylemargintop0in typediscli classMsoNormal stylemsolistl3 level1 lfo3Large and medium business entitiesbHighopopblili classMsoNormal stylemsolistl3 level1 lfo3Small business entitiesbHighopopbliulp classMsoNormal stylemarginleft5inbopopbpp classMsoNormalbHome users Highopopbpp classMsoNormal stylemarginleft5inbopopbpp classMsoNormalbRECOMMENDATIONSopopbpp classMsoNormalbopopbpp classMsoNormalbWe recommend the following actions be takenopopbpp classMsoNormalbopopbpp classMsoNormal stylemarginleft5intextindent1575ptmsolistl1 level1 lfo4if supportListsspan stylefontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt Times New Romanspanspanspanendifspan stylecolorblackConsider using an alternate browser until a patch is made available for the vulnerable versions of Internet Exploreropopspanpp classMsoNormal stylemarginleft5intextindent1575ptmsolistl1 level1 lfo4if supportListsspan stylefontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt Times New Romanspanspanspanendifspan stylecolorblackConsider implementing Microsofts Enhanced Mitigation Experience Toolkit EMET as it has been reported to make the vulnerability difficult to exploitopopspanpp classMsoNormal stylemarginleft5intextindent1575ptmsolistl1 level1 lfo4if supportListsspan stylefontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt Times New Romanspanspanspanendifspan stylecolorblackRun Internet Explorer with Protected Mode enabledopopspanpp classMsoNormal stylemarginleft5intextindent1575ptmsolistl1 level1 lfo4if supportListsspan stylefontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt Times New Romanspanspanspanendifspan stylecolorblackSet Internet and Local intranet security zone settings to Highopopspanpp classMsoNormal stylemarginleft5intextindent1575ptmsolistl1 level1 lfo4if supportListsspan stylefontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt Times New Romanspanspanspanendifspan stylecolorblackRemind users not to visit untrusted websites or follow links provided by unknown or untrusted sourcesopopspanpp classMsoNormal stylemarginleft5intextindent1575ptmsolistl1 level1 lfo4if supportListsspan stylefontfamilySymbolcolorblackspan stylemsolistIgnorespan stylefont70pt Times New Romanspanspanspanendifspan stylecolorblackRun all software as a nonprivileged user one without administrative privileges to diminish the effects of a successful attackopopspanpp classMsoNormal stylemarginleft5inspan stylefontsize100ptfontfamilyArialsansserifcolorblackopopspanpp classMsoNormalbspan stylecolorblackbordernone windowtext 10ptpadding0inopopspanbpp classMsoNormalbspan stylecolorblackbordernone windowtext 10ptpadding0inopopspanbpp classMsoNormalbispan stylecolorblackbordernone windowtext 10ptpadding0inUPDATED RECOMMENDATIONSspanispan stylecolorblackbordernone windowtext 10ptpadding0inopopspanbpul stylemargintop0in typediscli classMsoNormal stylecolorblackmsolistl4 level1 lfo5bspan stylebordernone windowtext 10ptpadding0inApply appropriate patches provided by Microsoft to vulnerable systems immediately after appropriate testingopopspanblili classMsoNormal stylecolorblackmsolistl4 level1 lfo5bspan stylebordernone windowtext 10ptpadding0inRun Internet Explorer with Enhanced Protected Mode enabledopopspanblili classMsoNormal stylecolorblackmsolistl4 level1 lfo5bspan stylebordernone windowtext 10ptpadding0inConsider implementing Microsofts Enhanced Mitigation Experience Toolkit EMET Version 40 as it has been reported to make the vulnerability difficult to exploit Please note that earlier versions of EMET is not effective forthis vulnerabilityopopspanbliulp classMsoNormalbspan stylecolorblackbordernone windowtext 10ptpadding0inopopspanbpp classMsoNormalbspan stylecolorblackbordernone windowtext 10ptpadding0inREFERENCESopopspanbpp classMsoNormalbspan stylecolorblackbordernone windowtext 10ptpadding0inopopspanbpp classMsoNormalbspan stylecolorblackFireeyeopopspanbpp classMsoNormalbspan stylecolorblackopopspanbpp classMsoNormal stylemarginleft5inspan stylecolorblacka hrefhttpwwwfireeyecombloguncategorized201404newzerodayexploittargetinginternetexplorerversions9through11identifiedintargetedattackshtmlhttpwwwfireeyecombloguncategorized201404newzerodayexploittargetinginternetexplorerversions9through11identifiedintargetedattackshtmlaopopspanpp classMsoNormal stylemarginleft5inspan stylecolorblackopopspanpp classMsoNormalbspan stylecolorblackMicrosoftbrbropopspanbpp classMsoNormal stylemarginleft5inspan stylecolorblacka hrefhttpstechnetmicrosoftcomenUSlibrarysecurity2963983httpstechnetmicrosoftcomenUSlibrarysecurity2963983aopopspanpp classMsoNormal stylemarginleft5inspan stylecolorblacka hrefhttptechnetmicrosoftcomenUSsecurityjj653751httptechnetmicrosoftcomenUSsecurityjj653751aopopspanpp classMsoNormalbspan stylecolorblackopopspanbpp classMsoNormalbspan stylecolorblackCVEbrbropopspanbpp classMsoNormal stylemarginleft5inspan stylecolorblacka hrefhttpwwwcvemitreorgcgibincvenamecginameCVE20141776httpwwwcvemitreorgcgibincvenamecginameCVE20141776aopopspanpp classMsoNormalspan stylecolorblackopopspanpp classMsoNormalbispan stylecolorblackUPDATED REFERENCESopopspanibpp classMsoNormalspan stylecolorblackopopspanpp classMsoNormalbspan stylecolorblackMicrosoftopopspanbpp classMsoNormal stylemarginleft5inspan stylecolorblackopopspanpp classMsoNormal stylemarginleft5inspan stylecolorblacka hrefhttpstechnetmicrosoftcomlibrarysecurityms14021httpstechnetmicrosoftcomlibrarysecurityms14021aopopspanpp classMsoNormalspan stylecolorblackopopspanpp classMsoNormal stylemarginleft5inspan stylecolorblackopopspanpp classMsoNormalPlease feel free to contact the SC ISAC if you have any questions or need any additional informationopoppp classMsoNormalopoppp classMsoNormalThe SC ISAC will provide amplifying information as it becomes availablebopopbpp classMsoNormalbopopbpp classMsoNormalbSCISAC Contact Informationopopbpp classMsoNormalbopopbpp classMsoNormalEmail SCISACcioscgovopoppp classMsoNormalSC ISAC Security Line 8038961650opoppp classMsoNormal24hour hotline 1 8038960001opoppp classMsoNormalFax 1 8038960375opoppp classMsoNormalopoppp classMsoNormalPostal addressopoppp classMsoNormalopoppp classMsoNormalSCISACopoppp classMsoNormalDSIT Budget and Control Boardopoppp classMsoNormal4430 Broad River Roadopoppp classMsoNormalColumbia SC 29210opoppp classMsoNormalSCISAC is available via hotline 08001700 EST GMT5 EDT GMT4opoppp classMsoNormalMonday through Fridayopoppp classMsoNormalopoppp classMsoNormalbUsing Encryptionopopbpp classMsoNormalbopopbpp classMsoNormalWe strongly urge you to encrypt sensitive information sent by email Ouropoppp classMsoNormalpublic PGP key is available frombopopbpp classMsoNormalbopopbpp classMsoNormalspan stylecolorblackhttpsscisacscgovsitepagescisacpublickeyopopspanpp classMsoNormalbopopbpp classMsoNormalbNO WARRANTYopopbpp classMsoNormalbopopbpp classMsoNormalAny material furnished by SCISAC is furnished on an as is basisopoppp classMsoNormalopoppp classMsoNormalSCISAC makes no warranties of any kind either expressed or implied as to any matter including but not limited to warranty of fitness for a particular purpose or merchantability exclusivity or results obtained from use of the material SCISAC does not make any warranty of any kind with respect to freedom from patent trademark or copyright infringementopoppp classMsoNormalopoppdivbodyhtml http://www.coastal.edu/its/announcements/portal.html?id=682 Mon, 28 Apr 2014 13:45:22 EDT Scheduled maintenance to interrupt internet services DESCRIPTION OF WORKHorry Telephone will upgrade the Tandem IP Core RouterbrbrDATESfrom 3272014 20000 AM until 3272014 60000 AMbrbrIMPACTThis is a serviceaffecting advisory for CCU Internet services and services between Main Campus and University Place http://www.coastal.edu/its/announcements/portal.html?id=681 Tue, 18 Mar 2014 08:36:39 EDT Internet Service interruption scheduled DESCRIPTION OF WORK Spirit and Horry Telephone will be doing an upgradebrbrIMPACTThis is a serviceaffecting advisory on CCUs internet link to Higher Education Centers and University Place brbrDATESfrom 3272014 20000 AM until 3272014 60000 AM http://www.coastal.edu/its/announcements/portal.html?id=680 Mon, 17 Mar 2014 11:18:43 EDT