Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - SANS Internet Storm Center InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Jump List Files Are OLE Files

Published: 2015-07-12
Last Updated: 2015-07-13 04:36:47 UTC
by Didier Stevens (Version: 1)
1 comment(s)

Jump List files are another type of files that are actually OLE files. They can contain useful data for forensic investigations. There are a couple of tools that can extract information from these files.

Here you can see oledump analyzing an automatic Jump List file:

The stream DestList contains the Jump List data:

There are several sites on the Internet explaining the format of this data, like this one. I used this information to code a plugin for Jump List files:

The plugin takes an option (-f) to condense the information to filenames:

Please post a comment if you have another Jump List tool to share.

Didier Stevens
Microsoft MVP Consumer Security

1 comment(s)
Another Adobe Flash Zero Day

PHP 5.x Security Updates

Published: 2015-07-12
Last Updated: 2015-07-12 00:06:16 UTC
by Guy Bruneau (Version: 1)
0 comment(s)

PHP 5.6.11, 5.5.27 and 5.4.43 were updated fixing numerous bugs in the various components of PHP including CVE-2015-3152. PHP recommend testing and upgrading to the current release. The binaries and packages are available here and the release notes here.



Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu

Keywords: CVE20153152 PHP
0 comment(s)
Diary Archives