New Zero-Day Exploit seems pretty convenient

Hi guys,

I was just wanting to get your opinions regarding the Zero Day exploit that was recently uncovered which affects Internet Explorer 6 through to 11.  The first thing that came to mind (after why on earth would anybody still be using Internet Explorer anyway) was to do with how support for Windows XP ended not too long ago.  

Could this be a coincidence, or Microsoft's way of trying to scare people still using XP to upgrade?   It just seems strange to me that this particular vulnerability uses a well known Flash exploit to affect all versions up to and including 11.  

What is your take on this?  Personally, I wouldn't put it past Microsoft to pull a stunt like this.  

Love your videos btw and the community you guys have been building.  Keep up the great work.   =)    

http://www.fireeye.com/blog/uncategorized/2014/04/new-zero-day-exploit-targeting-internet-explorer-versions-9-through-11-identified-in-targeted-attacks.html

I try to never jump to conspiracy when incompetence will do.

You know what?   That wouldn't surprise me either.

All of the above.  They'll do shit like this.  Never put it past them.

I try and keep flash and java off my pc directly do to them being the main problems with exploits.

Sadly some business and schools have to use IE for some legal reason, or at least that is the excuse I have been given.

It seems silly that people can still use the same kinds of exploits in flash and java.  You'd think the holes would have been patched long ago, unless these kinds of exploits can never be truly patched indefinitely.

IE is the only popular browser that doesn't have click to play flash so it's no surprise that it's the browser most affected by this type of bug.

Faulty by design.

Not only has this bug already been squashed, even on Windows XP (http://news.yahoo.com/critical-internet-explorer-flaw-patched-181357069.html?.tsrc=telkomsel), if you're that concerned about it, you can easily prevent Flash from loading on any website whatsoever without your express permission. In Internet Explorer, simply click on the settings gear, click "Mange add-ons", locate "Shockwave Flash Object" and right click it. Click "More Information" and then "Remove All Sites".

Done. Like magic.