OpenSUSE and SUSE Linux Enterprise Server CVE-2016-4036 Local Information Disclosure Vulnerability
(c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.

Enlarge (credit: Nicholas Eckhart)

Office Depot and its sister retailer OfficeMax have stopped using a technically dubious piece of malware-scanning software after two news services caught the stores recommending costly fixes for PC infections that didn't exist.

According to an investigation conducted by KIRO TV News, four out of six stores in Seattle and Portland, Oregon claimed that out-of-the-box PCs showed "symptoms of malware" that required as much as $180 for repairs and protection. The computers, according to the report, had never been connected to the Internet and were diagnosed as free of malware by security firm IOActive. A separate TV News team from WFXT in Boston reported on Friday that the same free scanning service OfficeMax offers similarly misdiagnosed two of three brand-new PCs as potentially infected.

Officials at Office Depot, the parent company that operates both chains, said they are suspending use of software known as PC Health Check for scanning customers' computers for malware. The officials went on to say they didn't condone the conduct reported by the TV news organizations and have undertaken a review of the assertions.

Read 4 remaining paragraphs | Comments

NTP CVE-2016-7433 Local Denial of Service Vulnerability
NTP CVE-2016-7426 Local Denial of Service Vulnerability
NTP CVE-2016-7429 Local Denial of Service Vulnerability
NTP CVE-2016-9310 Denial of Service Vulnerability
NTP CVE-2016-9312 Denial of Service Vulnerability
AppFusions Doxygen for Atlassian Confluence HTML Injection Vulnerability
NTP CVE-2016-7428 Denial of Service Vulnerability
Ipsilon CVE-2016-8638 Denial of Service Vulnerability
PHP 'unserialize()' Function Use After Free Remote Code Execution Vulnerability
Wireshark Multiple Denial of Service Vulnerabilities
MIT Kerberos 5 CVE-2015-2695 Denial of Service Vulnerability

I got hold of a malicious document e-mailed inside a password protected ZIP file.

This time Im not going to write about the maldoc, but about the ZIP file. The password for the ZIP file was mentioned with instructions in the e-mail spammed to many recipients. Obviously this is done in an attempt to bypass detection by e-mail scanners, but with the hope that the recipients would follow the instructions and provide the password when the ZIP application asks for it.

Now I" />

And I hope you can help me with my question: what Windows application does display the ZIP comment by default when a ZIP file is opened?

I tried Windows Explorer, WinZip and 7-Zip, but without success.

If you have an idea, please post a comment.

Didier Stevens
Microsoft MVP Consumer Security

(c) SANS Internet Storm Center. Creative Commons Attribution-Noncommercial 3.0 United States License.
Imlib2 'image.h' Integer Overflow Vulnerability
imlib2 CVE-2014-9762 Denial of Service Vulnerability
imlib2 CVE-2014-9763 Divide-By-Zero Denial of Service Vulnerability
Web vulnerabilities in Siemens S7-300/S7-400/CP343-1/CP443-1
imlib2 CVE-2014-9764 Denial of Service Vulnerability
Siemens SIMATIC CP 1543-1 Privilege Escalation and Denial of Service Vulnerabilities
Apple macOS CVE-2016-7580 Denial of Service Vulnerability
Apple iOS and Mac OS CVE-2016-4670 Local Security Bypass Vulnerability
Apple macOS CVE-2016-7582 Arbitray Code Execution Vulnerability
Apple iOS and Mac OS Multiple Security Bypass Vulnerabilities
Apple iOS Information Disclosure and Denial of Service Vulnerabilities
Jasper 'jpc_tsfb.c' Stack Buffer Overflow Vulnerability
Apple Mac OS X Multiple Remote Code Execution Vulnerabilities

(credit: Ben Hudson)

Symantec, one of the biggest consumer computer security firms in the world, is about to become even bigger with plans to buy LifeLock—an identity-theft protection service.

The proposed $2.3 billion (£1.86 billion) deal has been okayed by the boards of directors of both companies, and is expected to close in the first quarter of 2017, pending regulatory approval.

LifeLock's shareholders will receive $24 (£19.45) per share—a 16 percent premium to its closing price on Friday of $20.75.

Read 6 remaining paragraphs | Comments

GStreamer Bad Plug-ins 'vmnc/vmncdec.c' Information Disclosure Vulnerability
Drupal Core Multiple Security Vulnerabilities
Multiple Symantec Products CVE-2016-5311 DLL Loading Local Privilege Escalation Vulnerability
[RCESEC-2016-009] AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent() Persistent Cross-Site Scripting
Nginx (Debian-based distros) - Root Privilege Escalation (CVE-2016-1247)
[ERPSCAN-16-034] SAP NetWeaver AS JAVA - XXE vulnerability in BC-BMT-BPM-DSK component
[SECURITY] [DSA 3719-1] wireshark security update
Apache OpenOffice CVE-2016-6803 Local Privilege Escalation Vulnerability
LibTIFF 'tif_print.c' Out Of Bounds Read Denial of Service Vulnerability
Cross-Site Scripting in Check Email WordPress Plugin
Cross-Site Scripting in Huge IT Portfolio Gallery WordPress Plugin
[slackware-security] mozilla-firefox (SSA:2016-323-01)
Internet Storm Center Infocon Status