FireEye’s flagship products are monitoring devices designed to be installed at egress points of large networks, i.e. where traffic flows from the intranet to the internet. An attacker would only have to send an email to a user to gain access to a persistent network tap – the recipient wouldnt even have to read the email, just receiving it would be enough. FireEye have issued a patch for this vulnerability, and customers who have not updated should do so immediately to protect their infrastructure.”]
Source: https://googleprojectzero.blogspot.com/2015/12/fireeye-exploitation-project-zeros.html

