Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
bananas
on April 28, 2014
|
parent
|
context
|
favorite
| on:
US-CERT recommends not using IE until use-after-fr...
A company I deal with have the following mitigation in place:
Cross fingers until next Tuesday.
bradford
on April 28, 2014
[–]
While you're probably joking, this seems incredibly incompetent since a better mitigation exists:
Disable Adobe's flash plugin on IE.
bananas
on April 28, 2014
|
parent
[–]
Unfortunately I'm not joking. They have 2500 workstations running something written in Adobe Air so no banana with removing flash.
Already__Taken
on April 28, 2014
|
root
|
parent
[–]
AIR should still run with flash. Just the IE plugin needs disabling you don't have to remove flash.
bananas
on April 28, 2014
|
root
|
parent
[–]
The page they hit to launch it uses flash as well. The thing is a giant turd. We're currently rewriting it.
Already__Taken
on April 29, 2014
|
root
|
parent
[–]
Can you register a custom protocol handler like air://example.com/airApp.air and use that link?
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
Cross fingers until next Tuesday.