<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
        {font-family:Helvetica;
        panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
        {font-family:Helvetica;
        panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
        {font-family:"Calibri Light";
        panose-1:2 15 3 2 2 2 4 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:"Agency FB";
        panose-1:2 11 5 3 2 2 2 2 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
h1
        {mso-style-priority:9;
        mso-style-link:"Heading 1 Char";
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:24.0pt;
        font-family:"Times New Roman","serif";
        font-weight:bold;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:purple;
        text-decoration:underline;}
p
        {mso-style-priority:99;
        mso-margin-top-alt:auto;
        margin-right:0in;
        mso-margin-bottom-alt:auto;
        margin-left:0in;
        font-size:12.0pt;
        font-family:"Times New Roman","serif";}
span.Heading1Char
        {mso-style-name:"Heading 1 Char";
        mso-style-priority:9;
        mso-style-link:"Heading 1";
        font-family:"Calibri Light","sans-serif";
        color:#2E74B5;}
span.EmailStyle19
        {mso-style-type:personal;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
span.EmailStyle20
        {mso-style-type:personal-reply;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">There is a new update for windows computers that fixes the bug on internet explorer, if your computer is set to receive updates
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Automatically it should get it tonight if not you can run windows update and do it manually<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><b><i><span style="font-size:14.0pt;font-family:"Agency FB","sans-serif";color:#1F497D">Mario A. Marquez<br>
Systems Administrator Principal<br>
University of Arizona<br>
College of Agriculture and Life Sciences<br>
School of  Plant Sciences<br>
marquezm@email.arizona.edu</span></i></b><span style="font-size:14.0pt;font-family:"Agency FB","sans-serif";color:#1F497D"><br>
<b><i>Office 520-621-1257<br>
Cell 520-429-2902<o:p></o:p></i></b></span></p>
<p class="MsoNormal" style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto"><span style="color:#1F497D"><img width="198" height="96" id="Picture_x0020_1" src="cid:image001.gif@01CF6558.E402F440" alt="UAriz-CALS-logo-247"></span><span style="font-size:14.0pt;font-family:"Agency FB","sans-serif";color:#1F497D"><o:p></o:p></span></p>
</div>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif"">From:</span></b><span style="font-size:11.0pt;font-family:"Calibri","sans-serif""> Plantsci [mailto:plantsci-bounces@cals.arizona.edu]
<b>On Behalf Of </b>Marquez, Mario A - (marquezm)<br>
<b>Sent:</b> Monday, April 28, 2014 1:07 PM<br>
<b>To:</b> plantsci@ag.arizona.edu<br>
<b>Subject:</b> [Plantsci] Don't use internet explorer web browser<br>
<b>Importance:</b> High<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">A security update should be coming soon in the meantime be careful</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<div>
<div>
<div>
<div>
<h1 style="margin:0in;margin-bottom:.0001pt;line-height:25.5pt"><span style="font-family:"Helvetica","sans-serif";color:#333333">Homeland Security: Don't</span><span style="font-family:"Helvetica","sans-serif";color:#333333;font-weight:normal"> use IE due to
 bug</span><span style="font-family:"Helvetica","sans-serif";color:#333333"><o:p></o:p></span></h1>
<div style="border:solid #E6E6E6 1.0pt;padding:0in 0in 0in 0in;margin-left:52.5pt;margin-top:15.0pt;margin-bottom:17.25pt;border-top-left-radius:3px;border-top-right-radius:3px;border-bottom-right-radius:3px;border-bottom-left-radius:3px">
<p class="MsoNormal"><a href="http://www.usatoday.com/staff/793/elizabeth-weise" target="_blank"><b><span style="font-size:9.0pt;color:#4EC4FF;text-decoration:none">Elizabeth Weise, USATODAY</span></b></a><i><span style="font-size:9.0pt;color:#999999;border:none windowtext 1.0pt;padding:0in">3:12
 p.m. EDT April 28, 2014</span></i><o:p></o:p></p>
</div>
<div style="margin-left:7.5pt;margin-bottom:15.0pt;float:left">
<div>
<div style="margin-left:45.0pt;margin-right:22.5pt;float:left">
<div>
<p class="MsoNormal" style="line-height:16.8pt"><span style="font-family:"Arial","sans-serif""><img border="0" id="_x0000_i1025" src="http://www.gannett-cdn.com/-mm-/4f91ba1a6dbab47ff29c5eb6a084f411e2963adc/c=7-0-1110-829&r=x404&c=534x401/local/-/media/USATODAY/USATODAY/2014/04/28/1398703540000-Windows-IE.jpg" alt="Windows IE"><o:p></o:p></span></p>
</div>
<p style="mso-margin-top-alt:4.5pt;margin-right:0in;margin-bottom:0in;margin-left:0in;margin-bottom:.0001pt;line-height:12.0pt">
<i><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#646464">(Photo: Microsoft)</span></i><b><span style="font-size:8.5pt;font-family:"Arial","sans-serif";color:#646464"><o:p></o:p></span></b></p>
</div>
</div>
<div>
<div style="margin-left:45.0pt;margin-bottom:11.25pt">
<p class="MsoNormal" style="line-height:16.8pt"><span style="font-size:8.5pt;font-family:"Arial","sans-serif";background:#E0E0E0">SHARE</span><span style="font-size:9.0pt;font-family:"Arial","sans-serif""> 2126</span><b><span style="font-size:6.0pt;font-family:"Arial","sans-serif";color:#999999;text-transform:uppercase">CONNECT</span></b><span style="font-family:"Arial","sans-serif""><a href="https://twitter.com/intent/tweet?url=http://usat.ly/1mRATge&text=Homeland%20Security:%20Don%27t%20use%20IE%20due%20to%20bug&via=usatoday" target="_blank"><span style="font-size:9.0pt;color:black;text-decoration:none"> 396</span><b><span style="font-size:6.0pt;color:#999999;text-transform:uppercase;text-decoration:none">TWEET</span></b></a></span><span style="font-size:9.0pt;font-family:"Arial","sans-serif""> 14</span><b><span style="font-size:6.0pt;font-family:"Arial","sans-serif";color:#999999;text-transform:uppercase">COMMENTEMAIL<span style="border:none windowtext 1.0pt;padding:0in">MORE</span></span></b><span style="font-family:"Arial","sans-serif""><o:p></o:p></span></p>
</div>
</div>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">SAN FRANCISCO – The U.S. Department of Homeland security is <a href="http://www.kb.cert.org/vuls/id/222929" target="_blank" title="http://www.kb.cert.org/vuls/id/222929"><span style="color:#1990E5;text-decoration:none">advising</span></a> Americans
 not to use the Internet Explorer Web browser until a fix is found for a serious security flaw that came to light over the weekend.<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">The bug was <a href="http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html" target="_blank" title="http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html"><span style="color:#1990E5;text-decoration:none">announced</span></a> on
 Saturday by FireEye Research Labs, an Internet security software company based in Milpitas, Calif.<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">"We are currently unaware of a practical solution to this problem," the Department of Homeland Security's United States Computer Emergency Readiness Team said in a post Monday morning.<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">It recommended that users and administrators "consider employing an alternative Web browser until an official update is available."<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">The security flaw allows malicious hackers to get around security protections in the Windows operating system. They then can be infected when visiting a compromised website.<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">Because the hack uses a corrupted Adobe Flash file to attack the victim's computer, users can avoid it by turning off Adobe Flash.<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">"The attack will not work without Adobe Flash," FireEye said. "Disabling the Flash plugin within IE will prevent the exploit from functioning."<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">While the bug affects all versions of Internet Explorer six through 10 it is currently targeting IE9 and IE10, FireEye stated.<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">The attacks do not appear to be widespread at this time. Microsoft said it was "aware of limited, targeted attacks that attempt to exploit" the vulnerability.<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">These are called "watering hole attacks," said Satnam Narang, a threat researcher with computer security company Symantec in Mountain View, Calif..<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">Rather than directly reach out to a victim, the hackers inject their code into a "normal, everyday website" that the victim visits, he said. Code hidden on the site then infects their
 computers.<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">"It's called a watering hole attack because if you're a lion, you go to the watering hole because you know that's where the animals go to drink."<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">FireEye said the hackers exploiting the bug are calling their campaign "Operation Clandestine Fox."<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333"><a href="https://technet.microsoft.com/library/security/2963983" target="_blank" title="https://technet.microsoft.com/library/security/2963983"><span style="color:#1990E5;text-decoration:none">Microsoft</span></a> confirmed
 Saturday that it is working to fix the code that allows Internet Explorer versions six through 11 to be exploited by the vulnerability. As of Monday morning, no fix had been posted.<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">Microsoft typically releases security patches on the first Tuesday of each month, what's known as Patch Tuesday. The next oneis Tuesday, May 6. Whether the company will release a
 patch for this vulnerability before that isn't known.<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">About 55% of PC computers run one of those versions of Internet Explorer, according to the technology research firm NetMarketShare. About 25% run either IE9 or IE10.<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">Computer users who are running the Windows XP operating system are out of luck. Microsoft discontinued support of the system on April 8.<o:p></o:p></span></p>
<p style="mso-margin-top-alt:0in;margin-right:0in;margin-bottom:11.25pt;margin-left:45.0pt;line-height:16.5pt">
<span style="font-size:10.5pt;font-family:"Arial","sans-serif";color:#333333">Symantec is offering XP users tools to protect themselves, which it has made available on its <a href="http://www.symantec.com/connect/blogs/zero-day-internet-vulnerability-let-loose-wild" target="_blank" title="http://www.symantec.com/connect/blogs/zero-day-internet-vulnerability-let-loose-wild"><span style="color:#1990E5;text-decoration:none">blog</span></a>.<o:p></o:p></span></p>
</div>
</div>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</body>
</html>