<html>
<head>
<meta http-equiv="content-type" content="text/html;
charset=windows-1252">
</head>
<body bgcolor="#FFFFFF" text="#000000">
For anyone running Symantec/Norton products in their institutions,
please be aware. Of particular concern is:<br>
<br>
"CVE-2016-2208<br>
<br>
Symantec antivirus products use common unpackers to extract
malware binaries when scanning a system. A heap overflow
vulnerability in the ASPack unpacker could allow an unauthenticated
remote attacker to gain root privileges on Linux or OSX platforms.
The vulnerability can be triggered remotely using a malicious file
(via email or link) with no user interaction. [2]"<br>
<br>
Nice.<br>
<br>
Wade Sheldon<br>
<br>
<div class="moz-forward-container"><br>
<br>
-------- Forwarded Message --------
<table class="moz-email-headers-table" border="0" cellpadding="0"
cellspacing="0">
<tbody>
<tr>
<th align="RIGHT" nowrap="nowrap" valign="BASELINE">Subject:
</th>
<td>FW: TA16-187A: Symantec and Norton Security Products
Contain Critical Vulnerabilities</td>
</tr>
<tr>
<th align="RIGHT" nowrap="nowrap" valign="BASELINE">Date: </th>
<td>Tue, 5 Jul 2016 18:53:46 +0000</td>
</tr>
<tr>
<th align="RIGHT" nowrap="nowrap" valign="BASELINE">From: </th>
<td>Juan Machado <a class="moz-txt-link-rfc2396E"
href="mailto:juan@ITOS.UGA.EDU"><juan@ITOS.UGA.EDU></a></td>
</tr>
<tr>
<th align="RIGHT" nowrap="nowrap" valign="BASELINE">Reply-To:
</th>
<td>Juan Machado <a class="moz-txt-link-rfc2396E"
href="mailto:juan@ITOS.UGA.EDU"><juan@ITOS.UGA.EDU></a></td>
</tr>
<tr>
<th align="RIGHT" nowrap="nowrap" valign="BASELINE">To: </th>
<td><a class="moz-txt-link-abbreviated"
href="mailto:UGANET@LISTSERV.UGA.EDU">UGANET@LISTSERV.UGA.EDU</a></td>
</tr>
</tbody>
</table>
<br>
<br>
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]-->
<title>TA16-187A: Symantec and Norton Security Products Contain
Critical Vulnerabilities</title>
<style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
h3
{mso-style-priority:9;
mso-style-link:"Heading 3 Char";
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:13.5pt;
font-family:"Times New Roman",serif;
font-weight:bold;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.Heading3Char
{mso-style-name:"Heading 3 Char";
mso-style-priority:9;
mso-style-link:"Heading 3";
font-family:"Calibri Light",sans-serif;
color:#1F4D78;}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
/* List Definitions */
@list l0
{mso-list-id:1930823;
mso-list-template-ids:-1205311664;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l0:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l0:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1
{mso-list-id:240679754;
mso-list-template-ids:931554376;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l1:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l1:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l1:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2
{mso-list-id:424309045;
mso-list-template-ids:-1285401146;}
@list l2:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l2:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l2:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l2:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3
{mso-list-id:698317546;
mso-list-template-ids:-2086741866;}
@list l3:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l3:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l3:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l3:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l4
{mso-list-id:1077283383;
mso-list-template-ids:460469540;}
@list l4:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l4:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l4:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l4:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l4:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l4:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l4:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l4:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l4:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l5
{mso-list-id:1229463779;
mso-list-template-ids:-1565228406;}
@list l5:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l5:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l5:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l5:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l5:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l5:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l5:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l5:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l5:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l6
{mso-list-id:1246307199;
mso-list-template-ids:-83355852;}
@list l6:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l6:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l6:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l6:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l6:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l6:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l6:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l6:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l6:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l7
{mso-list-id:1476877772;
mso-list-template-ids:1203520756;}
@list l7:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l7:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l7:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l7:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l7:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l7:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l7:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l7:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l7:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l8
{mso-list-id:1520654447;
mso-list-template-ids:-723504106;}
@list l8:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l8:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l8:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l8:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l8:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l8:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l8:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l8:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l8:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l9
{mso-list-id:1949196245;
mso-list-template-ids:1613400346;}
@list l9:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l9:level2
{mso-level-number-format:bullet;
mso-level-text:o;
mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";}
@list l9:level3
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l9:level4
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l9:level5
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l9:level6
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l9:level7
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l9:level8
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
@list l9:level9
{mso-level-number-format:bullet;
mso-level-text:\F0A7;
mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Wingdings;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">In
case anybody out there with Symantec or Norton …<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">“…
the issue can be exploited in a very simple manner. Because
the flaw resides in the scanning engine itself, which opens
and reads ANY file, not just those the user manually
selected for a scan, the crook can simply send an exploit
package via email or a link pointing to a Web-hosted
exploit. The engine will scan its content automatically and
compromise the user's machine, no user interaction needed.”<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Absolutely
no user intervention, and it's guaranteed to execute with
system level access.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Thanks<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:10.5pt;font-family:"Arial",sans-serif;color:#1F497D">Juan
Machado, MSCS, CISSP, VCP-DCV, PMP<br>
IT Associate Director<br>
Carl Vinson Institute of Government<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:10.5pt;font-family:"Arial",sans-serif;color:#1F497D">The
University of Georgia<br>
<br>
1180 East Broad Street | Athens, GA 30602<br>
Phone: 706-542-5308 | Fax: 706-542-6535<br>
<a moz-do-not-send="true" href="mailto:juan@itos.uga.edu">juan@itos.uga.edu</a><br>
<a moz-do-not-send="true"
href="http://vinsoninstitute.org/">www.vinsoninstitute.org</a></span><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><img
id="Picture_x0020_1"
src="cid:part6.9F2723AB.295B0868@uga.edu"
alt="signaturelogo" height="82" border="0" width="255"></span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
</div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">
US-CERT [<a class="moz-txt-link-freetext"
href="mailto:US-CERT@ncas.us-cert.gov">mailto:US-CERT@ncas.us-cert.gov</a>]
<br>
<b>Sent:</b> Tuesday, July 05, 2016 1:11 PM<br>
<b>To:</b> Juan Machado <a
class="moz-txt-link-rfc2396E"
href="mailto:juan@itos.uga.edu"><a class="moz-txt-link-rfc2396E" href="mailto:juan@itos.uga.edu"><juan@itos.uga.edu></a></a><br>
<b>Subject:</b> TA16-187A: Symantec and Norton Security
Products Contain Critical Vulnerabilities<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div align="center">
<table class="MsoNormalTable" style="width:525.0pt" border="0"
cellpadding="0" cellspacing="0" width="700">
<tbody>
<tr>
<td style="padding:0in 0in 0in 0in">
<p><img moz-do-not-send="true" id="_x0000_i1025"
src="http://content.govdelivery.com/attachments/fancy_images/USDHSUSCERT/2015/11/675988/us-cert-banner-700x100-2_original.png"
alt="U.S. Department of Homeland Security US-CERT"
height="100" border="0" width="700"><o:p></o:p></p>
<p>National Cyber Awareness System:<o:p></o:p></p>
<p> <o:p></o:p></p>
<div style="margin-bottom:24.0pt">
<div style="margin-bottom:.05in">
<p class="MsoNormal"><b><span
style="font-size:14.5pt"><a
moz-do-not-send="true"
href="https://www.us-cert.gov/ncas/alerts/TA16-187A">TA16-187A:
Symantec and Norton Security Products
Contain Critical Vulnerabilities</a><o:p></o:p></span></b></p>
</div>
<div style="margin-bottom:.05in">
<p class="MsoNormal"><i><span
style="font-size:11.0pt;color:#666666">07/05/2016
10:50 AM EDT<o:p></o:p></span></i></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="margin-bottom:.05in">
<p class="MsoNormal">Original release date: July
05, 2016<o:p></o:p></p>
<h3>Systems Affected<o:p></o:p></h3>
<p>All Symantec and Norton branded antivirus
products<o:p></o:p></p>
<h3>Overview<o:p></o:p></h3>
<p>Symantec and Norton branded antivirus products
contain multiple vulnerabilities. Some of these
products are in widespread use throughout
government and industry. Exploitation of these
vulnerabilities could allow a remote attacker to
take control of an affected system.<o:p></o:p></p>
<h3>Description<o:p></o:p></h3>
<p>The vulnerabilities are listed below:<o:p></o:p></p>
<p>CVE-2016-2207<o:p></o:p></p>
<p
style="margin-left:.5in;text-indent:-.25in;mso-list:l0
level1 lfo1"><!--[if !supportLists]--><span
style="font-size:10.0pt;font-family:Symbol"><span
style="mso-list:Ignore">·<span
style="font:7.0pt "Times New
Roman""> </span></span></span><!--[endif]-->Symantec
Antivirus multiple remote memory corruption
unpacking RAR [<a moz-do-not-send="true"
href="https://bugs.chromium.org/p/project-zero/issues/detail?id=810">1</a>]<o:p></o:p></p>
<p>CVE-2016-2208<o:p></o:p></p>
<ul type="disc">
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l9
level1 lfo2"> Symantec antivirus products use
common unpackers to extract malware binaries
when scanning a system. A heap overflow
vulnerability in the ASPack unpacker could
allow an unauthenticated remote attacker to
gain root privileges on Linux or OSX
platforms. The vulnerability can be triggered
remotely using a malicious file (via email or
link) with no user interaction. [<a
moz-do-not-send="true"
href="http://googleprojectzero.blogspot.com/2016/06/how-to-compromise-enterprise-endpoint.html">2</a>]<o:p></o:p></li>
</ul>
<p>CVE-2016-2209 <o:p></o:p></p>
<ul type="disc">
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l3
level1 lfo3"> Symantec: PowerPoint misaligned
stream-cache remote stack buffer overflow [<a
moz-do-not-send="true"
href="https://bugs.chromium.org/p/project-zero/issues/detail?id=823">3</a>]<o:p></o:p></li>
</ul>
<p>CVE-2016-2210<o:p></o:p></p>
<ul type="disc">
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l8
level1 lfo4"> Symantec: Remote Stack Buffer
Overflow in dec2lha library [<a
moz-do-not-send="true"
href="https://bugs.chromium.org/p/project-zero/issues/detail?id=814">4</a>] <o:p></o:p></li>
</ul>
<p>CVE-2016-2211<o:p></o:p></p>
<ul type="disc">
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l7
level1 lfo5"> Symantec: Symantec Antivirus
multiple remote memory corruption unpacking
MSPACK Archives [<a moz-do-not-send="true"
href="https://bugs.chromium.org/p/project-zero/issues/detail?id=816">5</a>]<o:p></o:p></li>
</ul>
<p>CVE-2016-3644<o:p></o:p></p>
<ul type="disc">
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l6
level1 lfo6"> Symantec: Heap overflow
modifying MIME messages [<a
moz-do-not-send="true"
href="https://bugs.chromium.org/p/project-zero/issues/detail?id=818">6</a>] <o:p></o:p></li>
</ul>
<p>CVE-2016-3645<o:p></o:p></p>
<ul type="disc">
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l4
level1 lfo7"> Symantec: Integer Overflow in
TNEF decoder [<a moz-do-not-send="true"
href="https://bugs.chromium.org/p/project-zero/issues/detail?id=819">7</a>] <o:p></o:p></li>
</ul>
<p>CVE-2016 -3646<o:p></o:p></p>
<ul type="disc">
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l2
level1 lfo8"> Symantec: missing bounds checks
in dec2zip ALPkOldFormatDecompressor::UnShrink
[<a moz-do-not-send="true"
href="https://bugs.chromium.org/p/project-zero/issues/detail?id=821">8</a>]<o:p></o:p></li>
</ul>
<p> <o:p></o:p></p>
<h3>Impact<o:p></o:p></h3>
<p>The large number of products affected (24
products), across multiple platforms (OSX,
Windows, and Linux), and the severity of these
vulnerabilities (remote code execution at root
or SYSTEM privilege) make this a very serious
event. A remote, unauthenticated attacker may be
able to run arbitrary code at root or SYSTEM
privileges by taking advantage of these
vulnerabilities. Some of the vulnerabilities
require no user interaction and are
network-aware, which could result in a
wormable-event.<o:p></o:p></p>
<h3>Solution<o:p></o:p></h3>
<p>Symantec has provided patches or hotfixes to
these vulnerabilities in their SYM16-008 [<a
moz-do-not-send="true"
href="https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2016&suid=20160516_00">9</a>]
and SYM16-010 [<a moz-do-not-send="true"
href="https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00">10</a>]
security advisories.<o:p></o:p></p>
<p>US-CERT encourages users and network
administrators to patch Symantec or Norton
antivirus products immediately. While there has
been no evidence of exploitation, the ease of
attack, widespread nature of the products, and
severity of the exploit may make this
vulnerability a popular target.<o:p></o:p></p>
<h3>References<o:p></o:p></h3>
<ul type="disc">
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1
level1 lfo9"> <a moz-do-not-send="true"
href="https://bugs.chromium.org/p/project-zero/issues/detail?id=810">[1]
Symantec Antivirus multiple remote memory
corruption unpacking RAR</a><o:p></o:p></li>
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1
level1 lfo9"> <a moz-do-not-send="true"
href="http://googleprojectzero.blogspot.com/2016/06/how-to-compromise-enterprise-endpoint.html">[2]
How to Compromise the Enterprise Endpoint</a><o:p></o:p></li>
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1
level1 lfo9"> <a moz-do-not-send="true"
href="https://bugs.chromium.org/p/project-zero/issues/detail?id=823">[3]
Symantec: PowerPoint misaligned stream-cache
remote stack buffer overflow</a><o:p></o:p></li>
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1
level1 lfo9"> <a moz-do-not-send="true"
href="https://bugs.chromium.org/p/project-zero/issues/detail?id=814">[4]
Symantec: Remote Stack Buffer Overflow in
dec2lha library</a><o:p></o:p></li>
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1
level1 lfo9"> <a moz-do-not-send="true"
href="https://bugs.chromium.org/p/project-zero/issues/detail?id=816">[5]
Symantec: Symantec Antivirus multiple remote
memory corruption unpacking MSPACK Archives</a><o:p></o:p></li>
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1
level1 lfo9"> <a moz-do-not-send="true"
href="https://bugs.chromium.org/p/project-zero/issues/detail?id=818">[6]
Symantec: Heap overflow modifying MIME
messages</a><o:p></o:p></li>
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1
level1 lfo9"> <a moz-do-not-send="true"
href="https://bugs.chromium.org/p/project-zero/issues/detail?id=819">[7]
Symantec: Integer Overflow in TNEF decoder</a><o:p></o:p></li>
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1
level1 lfo9"> <a moz-do-not-send="true"
href="https://bugs.chromium.org/p/project-zero/issues/detail?id=821">[8]
Symantec: missing bounds checks in dec2zip
ALPkOldFormatDecompressor::UnShrink</a><o:p></o:p></li>
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1
level1 lfo9"> <a moz-do-not-send="true"
href="https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2016&suid=20160516_00">[9]
Symantec SYM16-008 security advisory</a><o:p></o:p></li>
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l1
level1 lfo9"> <a moz-do-not-send="true"
href="https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_00">[10]
Symantec SYM16-010 security advisory</a><o:p></o:p></li>
</ul>
<h3>Revision History<o:p></o:p></h3>
<ul type="disc">
<li class="MsoNormal"
style="mso-margin-top-alt:auto;mso-margin-bottom-alt:auto;mso-list:l5
level1 lfo10"> July 5, 2016: Initial Release<o:p></o:p></li>
</ul>
<div class="MsoNormal" style="text-align:center"
align="center">
<hr align="center" size="2" width="100%"> </div>
<p>This product is provided subject to this <a
moz-do-not-send="true"
href="http://www.us-cert.gov/privacy/notification">
Notification</a> and this <a
moz-do-not-send="true"
href="http://www.us-cert.gov/privacy/">Privacy
& Use</a> policy.<o:p></o:p></p>
</div>
</div>
<div id="mail_footer">
<div class="MsoNormal" style="text-align:center"
align="center">
<hr align="center" size="2" width="100%"> </div>
<table class="MsoNormalTable" style="width:100.0%"
border="0" cellpadding="0" cellspacing="0"
width="100%">
<tbody>
<tr style="height:45.0pt">
<td style="width:89.0%;padding:0in 0in 0in
0in;height:45.0pt" width="89%">
<p class="MsoNormal"><span
style="font-size:7.5pt;font-family:"Arial",sans-serif;color:#757575">A
copy of this publication is available at
<a moz-do-not-send="true"
href="https://www.us-cert.gov"
title="US-CERT">www.us-cert.gov</a>.
If you need help or have questions,
please send an email to <a
moz-do-not-send="true"
href="mailto:info@us-cert.gov"
title="Mail to info@us-cert.gov"><a class="moz-txt-link-abbreviated" href="mailto:info@us-cert.gov">info@us-cert.gov</a></a>.
Do not reply to this message since this
email was sent from a notification-only
address that is not monitored. To ensure
you receive future US-CERT products,
please add <a moz-do-not-send="true"
href="mailto:US-CERT@ncas.us-cert.gov">US-CERT@ncas.us-cert.gov</a>
to your address book.<o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><span style="display:none"><o:p> </o:p></span></p>
<table class="MsoNormalTable" style="width:300.0pt"
border="0" cellpadding="0" cellspacing="0"
width="400">
<tbody>
<tr style="height:.25in">
<td style="padding:0in 0in 0in
0in;height:.25in" valign="bottom">
<p class="MsoNormal"><span
style="font-size:9.0pt;font-family:"Arial",sans-serif;color:#666666">OTHER
RESOURCES:<o:p></o:p></span></p>
</td>
</tr>
<tr style="height:.25in">
<td style="padding:0in 0in 0in
0in;height:.25in">
<p class="MsoNormal"><span
style="font-size:9.0pt;font-family:"Arial",sans-serif;color:#666666"><a
moz-do-not-send="true"
href="http://www.us-cert.gov/contact-us/"
target="_blank">Contact Us</a> | <a
moz-do-not-send="true"
href="http://www.us-cert.gov/security-publications"
target="_blank">Security Publications</a>
| <a moz-do-not-send="true"
href="http://www.us-cert.gov/ncas"
target="_blank">Alerts and Tips</a> |
<a moz-do-not-send="true"
href="http://www.us-cert.gov/related-resources"
target="_blank"> Related Resources</a>
<o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
<p class="MsoNormal"><span style="display:none"><o:p> </o:p></span></p>
<table class="MsoNormalTable" style="width:112.5pt"
border="0" cellpadding="0" cellspacing="0"
width="150">
<tbody>
<tr style="height:.25in">
<td colspan="7" style="padding:0in 0in 0in
0in;height:.25in" valign="bottom">
<p class="MsoNormal"><span
style="font-size:9.0pt;font-family:"Arial",sans-serif;color:#666666">STAY
CONNECTED:<o:p></o:p></span></p>
</td>
</tr>
<tr>
<td style="width:30.75pt;padding:0in 0in 0in
0in" width="41">
<p class="MsoNormal"><a
moz-do-not-send="true"
href="http://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/new"><span
style="text-decoration:none"><img
class="uvobgnkszlavnqspwiek"
moz-do-not-send="true"
id="_x0000_i1028"
src="https://service.govdelivery.com/banners/GOVDELIVERY/SOCIAL_MEDIA/envelope.gif"
alt="Sign up for email updates"
height="25" border="0" width="25"></span></a><o:p></o:p></p>
<br>
</td>
<td style="padding:0in 0in 0in 0in"><br>
</td>
<td style="padding:0in 0in 0in 0in"><br>
</td>
<td style="padding:0in 0in 0in 0in"><br>
</td>
<td style="padding:0in 0in 0in 0in"><br>
</td>
<td style="padding:0in 0in 0in 0in"><br>
</td>
<td style="padding:0in 0in 0in 0in"><br>
</td>
</tr>
</tbody>
</table>
<p><span
style="font-size:9.0pt;font-family:"Arial",sans-serif;color:#666666">SUBSCRIBER
SERVICES:<br>
<a moz-do-not-send="true"
href="http://public.govdelivery.com/accounts/USDHSUSCERT/subscribers/new?preferences=true"
target="_blank">Manage Preferences</a> | <a
moz-do-not-send="true"
href="https://public.govdelivery.com/accounts/USDHSUSCERT/subscriber/one_click_unsubscribe?verification=5.8eacbb789c540cc5e07c2cc1e088cbfc&destination=juan%40itos.uga.edu"
target="_blank">Unsubscribe</a> | <a
moz-do-not-send="true"
href="https://subscriberhelp.govdelivery.com/">Help</a><o:p></o:p></span></p>
</div>
<div id="tagline">
<div class="MsoNormal" style="text-align:center"
align="center">
<hr align="center" size="2" width="100%"> </div>
<table class="MsoNormalTable" style="width:100.0%"
border="0" cellpadding="0" cellspacing="0"
width="100%">
<tbody>
<tr>
<td style="width:89.0%;padding:0in 0in 0in
0in" width="89%">
<p class="MsoNormal"><span
style="font-size:7.5pt;font-family:"Arial",sans-serif;color:#757575">This
email was sent to <a
moz-do-not-send="true"
href="mailto:juan@itos.uga.edu"><a class="moz-txt-link-abbreviated" href="mailto:juan@itos.uga.edu">juan@itos.uga.edu</a></a>
using GovDelivery, on behalf of: United
States Computer Emergency Readiness Team
(US-CERT) · 245 Murray Lane SW Bldg 410
· Washington, DC 20598 · (888) 282-0870
<o:p></o:p></span></p>
</td>
<td style="width:11.0%;padding:0in 0in 0in
0in" width="11%">
<p class="MsoNormal"
style="text-align:right" align="right"><a
moz-do-not-send="true"
href="http://www.govdelivery.com/portals/powered-by"
target="_blank"><span
style="text-decoration:none"><img
class="uvobgnkszlavnqspwiek"
moz-do-not-send="true"
id="_x0000_i1030"
src="https://service.govdelivery.com/banners/GOVDELIVERY/logo_gd_poweredby.gif"
alt="Powered by GovDelivery"
height="35" border="0" width="115"></span></a><o:p></o:p></p>
<br>
</td>
</tr>
</tbody>
</table>
</div>
</td>
</tr>
</tbody>
</table>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</body>
</html>