Hello, welcome to the Friday, February 21st, 2020 edition of the Sandcented Storm Center's Stormcast.

My name is Johannes Ulrich, and today I'm quoting from Jacksonville, Florida.

Today, Rob wrote up a real neat script in PowerShell that I'm sure incident responders will love.

It collects information about who is currently

using a particular workstation. And well, with Rob Script, you can actually collect this information

throughout your network. Not only that, it will also consult active directory to add phone

numbers and email address of the particular

user. So in the end, you end up with a little table that lists a username, the user's active

director information like phone number and email address, as well as the IP address of the

workstation. The user is currently logged in.

So great thing to then use this table to contact users of affected workstations that you,

for example, need them to just step away from or power down or disconnect from the network

or whatever your plan proposes.

Rob also made the script available on GitHub, so you're not left to just copy-pasting it

from his blog post, and I'm sure as he has updates or so, he'll also push them out on GitHub.

And Adobe today released patches for Adobe After Effects and Media Encoder.

Some have sort of called these emergency patches not to be sure if I agree with that characterization.

Yes, the patches do fix remote code execution vulnerability, but it's not currently being exploited.

And Adobe actually assigned them a priority of three, which sort of indicates that Adobe

doesn't believe that these vulnerabilities will be exploited anytime soon.

Also, neither After Effects nor Media Encoder, I believe, is very heavily used.

It's really more something that sort of content creators install and use on their systems.

...