All posts by admin

CVE-2021-1732 Win32k Elevation of Privilege Vulnerability (11th Feb 2021)

Preface: There are many reasons to encounter win32k.sys problems. In the past, most issues involving SYS files showed up as blue-screen crashes.

Background: win32k.sys is a legitimate system component that is loaded at startup. The Graphics Device Interface (GDI) provides functionality for outputting graphical content to monitors, printers and other output devices. It resides in gdi.exe on 16-bit Windows and in gdi32.dll on 32-bit Windows, in user mode. Kernel-mode GDI support is provided by win32k.sys, which communicates directly with the graphics driver. What is different when system call filtering is enabled? In that case the dispatch can be examined through W32pServiceTableFilter instead.

Vulnerability details: A zero-day vulnerability in a win32k callback could be used to escape the sandbox of the Microsoft IE browser or Adobe Reader on the latest Windows 10 version.

Attack Vector: Tricking a legitimate user into opening a malicious document

Impact: Elevation of Privilege

Official announcement – https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1732

CVE-2021-3347 – An issue was discovered in the Linux kernel through 5.10.11 (use-after-free) – 8th Feb 2021

Preface: Unlike Windows or macOS, which push software updates to users automatically, Linux leaves it to developers to look for kernel updates on their own.

Background: The futex() system call provides a method for waiting until a certain condition becomes true. It is typically used as a blocking construct in the context of shared-memory synchronization.

  • in the user-space fastpath a PI-enabled futex involves no kernel work
    (or any other PI complexity) at all. No registration, no extra kernel
    calls – just pure fast atomic ops in userspace.

Vulnerability details: An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458. See whether the attached diagram gives you hints on the matter.

Remedy: Fix fault handling in futex_lock_pi(). For official details refer to the following link – https://nvd.nist.gov/vuln/detail/CVE-2021-3347

Comments: Perhaps you have doubts when you become aware of this vulnerability? Can we still maintain the statement that Linux is more secure than the Windows OS? But don’t forget that hackers like Microsoft.

Design weakness of Root File System mechanism – Nvidia multiple products (4th Feb, 2021)

Preface: In 2020, the global AI software market is expected to grow approximately 54 percent year-on-year, reaching a forecast size of 22.6 billion U.S. dollars.

Background: NVIDIA® Jetson™ Linux requires a root file system. You must create it on a Linux host system and copy it to your reference board. NVIDIA provides a tool to generate a root file system. To use the tool, navigate to the tools/samplefs directory of the extracted NVIDIA driver package. In a standard installation you must download a file, then run the apply_binaries.sh script to copy the NVIDIA user-space libraries into the target file system.

Vulnerability details: The existing mechanism applies improper access control, which may allow an unprivileged user to modify system device tree files, leading to denial of service. Official details are at the link below.

https://nvidia.custhelp.com/app/answers/detail/a_id/5147

Supplement: The impact may only be denial of service, but it is a signal to the AI and robotics world to stay alert.

CVE-2021-22159 – Local privilege escalation vulnerability in ObserveIT Windows agent (3rd Feb 2021)

Preface: Decades ago, video recording was used to perform IT system monitoring and governance. The most famous brands are RSA NetWitness and CyberArk. However, a product made in Israel provides a cost-effective solution: the software product named “ObserveIT”. The “ObserveIT” software product is now under the umbrella of Proofpoint, Inc.

Vulnerability details: The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows allows a local authenticated Windows user to run arbitrary commands with the privileges of the Windows SYSTEM user.

Affected versions: before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25, as well as versions 7.3 and earlier.

Remedy: https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2021-0001

Additional note: If a user has permission to change a file or folder, and a named service lives in that directory, the user can create a payload with the “msfvenom” tool and use it to manipulate that service. After the payload is uploaded to the system and moved into the “common files” directory, when the service starts you will receive a session on the system as NT AUTHORITY\SYSTEM.

No workaround: You should patch immediately – Linux sudo flaw (2nd Feb 2021)

Background: The sudo command allows you to run programs with the security privileges of another user. Auditors and security experts highly recommend using it; we can say it is a best practice.

Vulnerability details: Sudo before 1.9.5p2 has a heap-based buffer overflow, allowing privilege escalation to root via “sudoedit -s” and a command-line argument that ends with a single backslash character.

Impact: Taking control of the Linux system. Vulnerable versions: before 1.9.5p2.

Workaround: No

Fix: The bug is fixed in sudo 1.9.5p2.

Immediate action: You should patch immediately.

Reference: https://us-cert.cisa.gov/ncas/current-activity/2021/02/02/sudo-heap-based-buffer-overflow-vulnerability-cve-2021-3156

Security concern: Since system administrators normally deny remote SSH access without VPN connectivity for security reasons, this design weakness is most likely to be exploited by insider threats. If you cannot patch immediately, you should fine-tune your SIEM to monitor sudo usage.
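The post's own advice is to patch; a practitioner also wants a quick way to tell which hosts still report a version below 1.9.5p2. The following C program is an added example, not part of the original post and not sudo project code: it parses the first line of `sudo --version` output and compares it with the fixed release the post names. The sample version lines in `main` are constructed. One caveat: distributions often backport the fix into an older base version, so a version string alone can flag a host that is already patched; confirm against the package changelog before acting.

```c
#include <stdio.h>
#include <string.h>

/* Parsed form of a sudo version such as "1.9.5p1" or "1.8.31p2".
 * The "p" suffix is sudo's patch level; a version without one is level 0. */
struct sudo_version {
    int major, minor, patch, plevel;
};

/* Parse the first line of `sudo --version` (e.g. "Sudo version 1.9.5p1").
 * Returns 1 on success, 0 if no version number is present. */
int parse_sudo_version(const char *line, struct sudo_version *v)
{
    const char *p = strstr(line, "version ");
    if (p == NULL)
        return 0;
    p += strlen("version ");
    v->major = v->minor = v->patch = v->plevel = 0;
    /* The literal 'p' fails to match when there is no patch level, leaving
     * plevel at 0 and sscanf reporting only the three numeric fields it read. */
    int n = sscanf(p, "%d.%d.%dp%d", &v->major, &v->minor, &v->patch, &v->plevel);
    return n >= 3;
}

/* Lexicographic comparison: negative, zero or positive like strcmp(). */
int compare_sudo_version(const struct sudo_version *a, const struct sudo_version *b)
{
    if (a->major != b->major) return a->major < b->major ? -1 : 1;
    if (a->minor != b->minor) return a->minor < b->minor ? -1 : 1;
    if (a->patch != b->patch) return a->patch < b->patch ? -1 : 1;
    if (a->plevel != b->plevel) return a->plevel < b->plevel ? -1 : 1;
    return 0;
}

/* 1 if the reported version is below the fixed release 1.9.5p2 named in the
 * post, 0 if it is 1.9.5p2 or later, -1 if the line could not be parsed. */
int sudo_is_vulnerable(const char *version_line)
{
    struct sudo_version v;
    const struct sudo_version fixed = { 1, 9, 5, 2 };
    if (!parse_sudo_version(version_line, &v))
        return -1;
    return compare_sudo_version(&v, &fixed) < 0;
}

int main(void)
{
    /* Constructed sample output lines, as an inventory script might collect
     * them from several hosts; they do not come from real systems. */
    const char *samples[] = {
        "Sudo version 1.9.5p1",
        "Sudo version 1.9.5p2",
        "Sudo version 1.8.31",
        "Sudo version 1.9.7",
        "sudo: command not found",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int r = sudo_is_vulnerable(samples[i]);
        printf("%-28s -> %s\n", samples[i],
               r == 1 ? "PATCH NOW (below 1.9.5p2)"
                      : r == 0 ? "fixed release" : "unparseable");
    }
    return 0;
}
```

Feed it the first line of `sudo --version` from each host; anything returning 1 is below the fixed release and belongs on the patch list, subject to the backport caveat above.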

Adobe ColdFusion Design weakness (Vulnerability Note VU#125331) 1st Feb 2021

Background: Adobe ColdFusion is a development platform that uses CFML to quickly build modern web apps. Unlike other programming languages, ColdFusion is tag-based. It’s easy to use and can be the backbone of numerous development modules and functionalities.

Dynamic-link library loading mechanism: A DLL is loaded once and all programs share the same in-memory copy of its code. For the read-only sections, the DLL loader uses a technique called “memory mapping” to map the DLL into the process’s address space. The pages are loaded into physical memory only once for all processes, even though each process may have the page mapped at a different address in its virtual address space. Absent a design weakness, dynamically allocated memory is not shared.

Question: Can a .dll file be replaced while the application is running, i.e. can you update DLLs that applications use in Windows without terminating the process? Yes, it is possible, but the application must have a special mechanism to unload the currently loaded DLL and reload the new DLL file.

Vulnerability Details:

  1. Placing a malicious DLL with the same name as an ambiguously specified DLL in a location that Windows searches before the legitimate DLL. By default this is C:\ColdFusion2021.
  2. Remote DLL preloading attacks occur when a program sets its current directory to a remote location such as a Web share before loading a DLL. Alternatively, the way the program loads DLLs can be modified by replacing an existing DLL or by modifying a .manifest or .local redirection file, directory, or junction to cause the program to load a different DLL.

Reference article: Adobe ColdFusion is vulnerable to privilege escalation due to weak ACLs – https://kb.cert.org/vuls/id/125331

You should be vigilant! (CVE-2020-17380) – 1st Feb 2021

Preface: Mount a drive image emulated as an SD card with qemu-system-x86_64.

qemu-system-x86_64 -smp cores=4 -m 1024 -device sdhci-pci -device sd-card,drive=mydrive -drive id=mydrive,if=none,format=raw,file=image.bin

Background:

QEMU integration with other virtual machines

  • VirtualBox uses some QEMU virtual hardware devices and has a built-in dynamic recompiler based on QEMU, as KQEMU does.
  • Xen HVM has device emulation based on the QEMU project to provide I/O virtualization to the virtual machines.
  • QEMU with FreeBSD as host. It runs under Windows 2000, Windows XP, GNU/Linux (RedHat, Debian) and FreeBSD “host” systems.

QEMU can simulate a variety of hardware devices

  • Android and ARM: QEMU emulates the ARMv7 instruction set with the NEON extension. It simulates the Integrator/CP board and multi-function baseboards.
  • In Android OS, because VM memory page allocation is not contiguous, the PIPE driver passes the remote data address to QEMU several times.

Design weakness: sdhci – While doing multi-block SDMA, the transfer block size may exceed the size of ‘s->fifo_buffer[s->buf_maxsz]’.

Impact: A denial of service condition, or potentially arbitrary code execution with the privileges of the QEMU process on the host.

Vulnerability details: Refer to link – https://nvd.nist.gov/vuln/detail/CVE-2020-17380
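The weakness named above is a missing size check between a guest-programmable register and a fixed host buffer. As an added example (not QEMU's own sdhci code), the toy model below keeps only the fields involved, `fifo_buffer`, `buf_maxsz`, `blksize` and `blkcnt`, under a hypothetical `ToySdhciState` type, and shows the validation that has to sit in front of the multi-block copy. The 512-byte staging buffer and 1024-byte card image in `run_transfer` are constructed sizes.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Toy model of an emulated SD host controller, constructed for this example.
 * It is not QEMU's real SDHCIState; only the fields relevant to the weakness
 * are kept: a FIFO staging buffer of fixed capacity and two guest-written
 * registers (block size and block count). */
typedef struct {
    uint8_t *fifo_buffer;
    size_t   buf_maxsz;   /* capacity of fifo_buffer, fixed at device creation */
    uint32_t blksize;     /* guest-programmable transfer block size */
    uint32_t blkcnt;      /* guest-programmable number of blocks */
} ToySdhciState;

enum sdma_result {
    SDMA_OK = 0,
    SDMA_REJECTED_BLKSIZE = 1,   /* block size larger than the staging buffer */
    SDMA_REJECTED_EMPTY = 2      /* nothing to transfer, or no staging buffer */
};

/* Multi-block SDMA read from a card image into guest memory (`out`), staged
 * through fifo_buffer one block at a time. The hardened point is the single
 * comparison against buf_maxsz: without it, a guest that programs a block
 * size larger than the buffer makes the first memcpy write past the heap
 * allocation, which is the condition the post describes. */
enum sdma_result sdma_multi_block(ToySdhciState *s,
                                  const uint8_t *card, size_t card_len,
                                  uint8_t *out, size_t out_len, size_t *copied)
{
    *copied = 0;
    if (s->fifo_buffer == NULL || s->blksize == 0 || s->blkcnt == 0)
        return SDMA_REJECTED_EMPTY;
    if ((size_t)s->blksize > s->buf_maxsz)   /* validate guest-controlled size */
        return SDMA_REJECTED_BLKSIZE;

    size_t off = 0;
    for (uint32_t i = 0; i < s->blkcnt; i++) {
        size_t n = s->blksize;
        if (off + n > card_len)           /* clamp at end of card image */
            n = card_len - off;
        if (*copied + n > out_len)        /* clamp at end of guest buffer */
            n = out_len - *copied;
        if (n == 0)
            break;
        memcpy(s->fifo_buffer, card + off, n);    /* stage one block */
        memcpy(out + *copied, s->fifo_buffer, n); /* hand it to the guest */
        off += n;
        *copied += n;
    }
    return SDMA_OK;
}

/* Convenience wrapper: a 512-byte staging buffer and a constructed 1024-byte
 * card image filled with a byte pattern. `copied` may be NULL. */
enum sdma_result run_transfer(uint32_t blksize, uint32_t blkcnt, size_t *copied)
{
    enum { FIFO_SZ = 512, CARD_SZ = 1024 };
    uint8_t card[CARD_SZ], out[CARD_SZ];
    size_t local = 0;
    if (copied == NULL)
        copied = &local;
    for (size_t i = 0; i < CARD_SZ; i++)
        card[i] = (uint8_t)i;
    ToySdhciState s = { .fifo_buffer = calloc(FIFO_SZ, 1), .buf_maxsz = FIFO_SZ,
                        .blksize = blksize, .blkcnt = blkcnt };
    enum sdma_result r = sdma_multi_block(&s, card, CARD_SZ, out, CARD_SZ, copied);
    free(s.fifo_buffer);
    return r;
}

/* Number of bytes a transfer with the given registers delivers to the guest. */
size_t transferred_bytes(uint32_t blksize, uint32_t blkcnt)
{
    size_t c = 0;
    run_transfer(blksize, blkcnt, &c);
    return c;
}

int main(void)
{
    size_t copied;
    enum sdma_result r = run_transfer(512, 2, &copied);
    printf("blksize=512  blkcnt=2 -> result %d, %zu bytes\n", r, copied);
    r = run_transfer(4096, 1, &copied);
    printf("blksize=4096 blkcnt=1 -> result %d, %zu bytes (rejected)\n", r, copied);
    return 0;
}
```

The register values are fully under guest control, so the check belongs at the point of use, not only where the register is written: a guest can change blksize between the write and the transfer.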

Virtual Journey – Journey to the Center of the Earth (2021)

Preface: The period from January 1, 2001 to December 31, 2100 is called the 21st century. Our technology world has a growing demand for virtual concepts, for example virtual machines, virtual reality, etc. Have you ever thought that you could take a virtual journey? Let’s see what the gap between reality and imagination is.

Background: The first version of Journey to the Center of the Earth was published on 25th November 1864 by Jules Verne from France. Jules Gabriel Verne was a French novelist, poet and playwright. The first industrial revolution started in the 1760s and lasted from the 1830s to the 1840s. Perhaps this revolution triggered his thinking, or did he have a close encounter of the third kind?

Behind the Belief: Lizard People

According to the lizard people theory, bloodthirsty reptilian aliens first arrived on Earth in ancient times. Since then, these beings have been merging with humans through the manipulation of DNA, as well as interbreeding with the human population. Conspiracy theories hold that unknown civilizations, including lizard people, live in the centre of the Earth. Mixed humans (lizard people) are not only discussed in ancient European culture; similar records also appear in China. The classic Chinese book “Shan Hai Jing” 《山海經》 depicts similar types of mixed humans. However, according to the general view, the “Shan Hai Jing” 《山海經》 is a compilation of mythical geography and beasts. But I don’t think so. Go through the details below (URL and references) and see whether they change your judgement.

Reference 1: The American scholar Dr. Henriette Mertz (1898-1985) studied the “Shan Hai Jing” 《山海經》 and published a book to prove that it contains a description of American geography. According to the descriptions in the Dongshan Jing《東山經》, that land lies where the sun rises, east of the sea from China. She identified the Rocky Mountains in the central and western United States, the Sierra Nevada mountains, the Cascade Mountains and the Pacific coastal mountain ranges as explicitly matching the “Dongshan Jing” records: the four mountain systems, peaks, rivers, flora and fauna, and mountain-to-mountain distances are exactly consistent with what the “Dongshan Jing” records.

Reference 2: During World War II, Dr Mertz worked as a code-breaker for the U.S. government’s cryptography department.

How does a planet form?

Here is the simplified answer:

  1. Earth formed when gravity pulled swirling gas and dust in to become the third planet from the Sun.
  2. The formation of planets in the solar system is likely unrelated to violent collisions, explosions and the like. It may be a slow accumulation of ice and gravel floating in space.

Recently, scientists at NASA found that the exact way a planet forms may be a slow accumulation of ice and gravel floating in space, rather than something to do with an explosion, the so-called “Big Bang”.

Remark: The Big Bang theory is a cosmological model of the observable universe from the earliest known periods through its subsequent large-scale evolution.

However it formed, since the planet is a sphere (a ball), its shape makes it difficult to define a central axis. So how can the central axis be found? Perhaps we can use this example. Axis rotation is the difference between the direction the ball is rotating and the direction it is moving down the lane. The axis of rotation is determined by the horizontal angle of your fingers (how far around the side of the ball your fingers are) as you release the ball. That is, the tilt of a planet depends on the “throw angle” when it was created.

“The process of forming planets has a bunch of stages, and the last stage is what’s called the ‘giant impact’ phase,” said Professor Doug Hamilton. Infographic below for reference:

Whichever way it happens, there are a lot of explosions in the universe. A powerful shock wave generated during a stellar explosion or a similar event causes the celestial body to receive this powerful energy. If a planet is located at a Lagrange point, even this force cannot pull the planet to another location; however, it will set the body spinning. Furthermore, the universe is in a vacuum state, and maintaining rotation at constant speed in a vacuum does not require any further input of energy.

As a matter of fact, you may have seen that there are quite a lot of coincidences in the formation of celestial bodies. Therefore a lot of people, including myself, wonder whether it is an artificial creation instead of something formed by nature.

There is magma in the core of the Earth; is it the driving force that causes the Earth to rotate?

The solid core of the Earth rotates only once every 120 years or so. No one knows the real reason for the reversal. The rotation of the Earth comes from the original energy imparted when the Earth was formed. As far as we know, scientists have found at least two possible ways our Earth could have formed (see below).

Why is the core of planets hot?

There are three main sources of heat in the planet:

  1. Heat from when the planet formed and accreted, which has not yet been lost;
  2. Frictional heating, caused by denser core material sinking to the center of the planet; and
  3. Heat from the decay of radioactive elements.

Why is the Earth tilted at 23.4 or 23.5 degrees? The angle varies a little over time, but the gravitational pull of the Moon prevents it from shifting by more than a degree or so. This tilt is what gives us seasons. The axial tilt affects seasons, weather, even human life.

What causes the moon to rotate? The easy answer is that the moon’s orbit around Earth is tilted, by five degrees, to the plane of Earth’s orbit around the sun.

Closer look inside our earth

Gold is one of the ingredients of our Earth. Pure gold has been an in-demand item since ancient times, and we can see that many things in the ancient age were also made of gold. People knew gold was a precious material when mankind developed alchemy in the ancient age. There are also unproven records, in cuneiform writing on ancient Sumerian clay tablets, that an advanced and unknown civilization came to the Earth to mine gold. Current scientific theories estimate that there is enough gold in the core to cover the surface of the Earth with a 4 metre thick layer of pure gold. But this region cannot be mined, so the remaining gold that can be mined is located in the Earth’s crust.

According to data from the US Geological Survey (2020), underground gold reserves are currently estimated at about 50,000 tons; approximately 20% is still to be mined.

The density of the core is measured using several techniques including seismic geophysics. Seismic waves are measured from earthquakes all over the world.

What Is Earth’s Core Made of?

Earth’s inner core is solid iron, its outer core is liquid iron mixed with other components, and its mantle is dense rock.

Quote: “We can’t put a thermometer in the Earth’s core, so the only solution is to simulate the same crushing pressure in the laboratory,” said Lidunka Vočadlo (University College London, UK).

In 2013, a French research team created the best simulation conditions. They placed pure iron in an environment where the pressure was slightly more than half the pressure of the core, which is said to correspond to the temperature of the core. At the core temperature, the melting point of pure iron is about 6230°C. The presence of other substances lowers the melting point to about 6000°C, which is still very hot, comparable to the temperature of the Sun’s surface.

The Earth’s core is mainly composed of iron. It is believed that about 80% of the composition of the Earth’s core is iron, although the exact value has yet to be determined. The iron must have been pulled by gravity and settled towards the Earth’s core. Most of the rest of the Earth is made up of a rock material called “silicate”, and the molten iron must have found a way to pass through these rocks to reach the core. A lot of unknown information is waiting for scientists to figure out, because we still rely on drilling methods and simulated environments.

Should the journey continue?

The deepest hole drilled by human beings on Earth, and the deepest artificial point on Earth, is the Russian Kola Superdeep Borehole, which set the world record (40,230 ft deep (12.2 km)). The drilling was stopped in 1992, when the temperature reached 180°C (356°F). Perhaps this is a prelude, waiting for human beings to explore further.

The scientific world has unlimited information waiting for human beings to explore. Scientific goals allow us to understand the origin of everything in the world. I hereby thank our digital world, especially search engines and the unlimited information on the internet. Our journey stops here.

End of this article. Thank you for reading.

28th Jan 2021 (Moon Phase Tonight: Full Moon)

Perhaps the IoT world should be vigilant – CVE-2021-3177 (26th Jan 2021)

Preface: On macOS, dynamic-link libraries are known as dylib files. This is the equivalent of a DLL on Windows and a shared library (or .so library) on Linux.

Background: ctypes is a foreign function library for Python. It provides C compatible data types, and allows calling functions in DLLs or shared libraries. It can be used to wrap these libraries in pure Python.

Design objective: Calling C++ libraries from Python allows the developer to build an application that takes advantage of the best of Python and C++. The result is an application that combines both speed and simplicity.

Vulnerability details: There’s a buffer overflow in the ctypes PyCArg_repr() function. (Disclosure date: 2021-01-16)

Design weakness: There’s a buffer overflow in the PyCArg_repr() function in _ctypes/callproc.c. The buffer overflow happens because the sprintf() call does not bound the length of what it writes into the fixed-size buffer.

CVE Details: https://nvd.nist.gov/vuln/detail/CVE-2021-3177
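To make the design weakness concrete, here is an added example in C that is not CPython's `PyCArg_repr()` code: an unbounded `sprintf()` into a fixed buffer next to two hardened forms, one that bounds the write with `snprintf()` and rejects truncation, and one that measures first and allocates exactly what is needed. The `<cparam ...>` format string, `REPR_BUFSZ` and the helper names are assumptions made for the example, and the inputs in `main` are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Fixed-size output buffer of the kind a repr() helper formats into.
 * The size is a constructed value for this example. */
#define REPR_BUFSZ 64

/* Shape of the weakness the post describes: sprintf() has no idea how big
 * `out` is, so a `value` longer than the buffer overruns it. Shown for
 * contrast only; nothing below calls it. */
int format_cparam_repr_unsafe(char tag, const char *value, char *out)
{
    return sprintf(out, "<cparam '%c' (%s)>", tag, value);
}

/* Hardened form: snprintf() is told the capacity and returns how many bytes
 * the full output needs. A result >= capacity means it was truncated, which
 * the caller treats as an error instead of trusting a clipped string. */
int format_cparam_repr(char tag, const char *value, char *out, size_t outsz)
{
    int n = snprintf(out, outsz, "<cparam '%c' (%s)>", tag, value);
    if (n < 0 || (size_t)n >= outsz)
        return -1;
    return n;
}

/* Alternative when truncation is not acceptable: measure first, then allocate
 * exactly what is needed. Caller frees the result; NULL on failure. */
char *cparam_repr_alloc(char tag, const char *value)
{
    int n = snprintf(NULL, 0, "<cparam '%c' (%s)>", tag, value);
    if (n < 0)
        return NULL;
    char *buf = malloc((size_t)n + 1);
    if (buf == NULL)
        return NULL;
    snprintf(buf, (size_t)n + 1, "<cparam '%c' (%s)>", tag, value);
    return buf;
}

/* Build a value of `value_len` 'x' characters and format it into a
 * REPR_BUFSZ buffer; returns the formatted length or -1 when rejected. */
int fixed_repr_len(size_t value_len)
{
    char out[REPR_BUFSZ];
    char *value = malloc(value_len + 1);
    if (value == NULL)
        return -2;
    memset(value, 'x', value_len);
    value[value_len] = '\0';
    int n = format_cparam_repr('d', value, out, sizeof out);
    free(value);
    return n;
}

/* Same input through the allocating path; returns the repr length. */
size_t alloc_repr_len(size_t value_len)
{
    char *value = malloc(value_len + 1);
    if (value == NULL)
        return 0;
    memset(value, 'x', value_len);
    value[value_len] = '\0';
    char *r = cparam_repr_alloc('d', value);
    size_t len = r ? strlen(r) : 0;
    free(r);
    free(value);
    return len;
}

int main(void)
{
    char out[REPR_BUFSZ];
    int n = format_cparam_repr('d', "3.14", out, sizeof out);
    printf("short value: %d bytes -> %s\n", n, out);
    printf("48-char value into %d-byte buffer: %d\n", REPR_BUFSZ, fixed_repr_len(48));
    printf("49-char value into %d-byte buffer: %d (rejected)\n", REPR_BUFSZ, fixed_repr_len(49));
    printf("300-char value via allocation: %zu bytes\n", alloc_repr_len(300));
    return 0;
}
```

The fixed part of the format contributes 15 bytes, so with a 64-byte buffer a 48-character value just fits and a 49-character value is rejected rather than silently overrunning; the allocating path handles any length.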

CVE-2021-2018 Vulnerability in the Advanced Networking Option component of Oracle DB Srv (20-01-2021)

Preface: Every time Oracle announces a security advisory I get a headache, because the vendor is not willing to provide the details.

Vulnerability details: CVE-2021-2018 – please refer to the link for details: https://nvd.nist.gov/vuln/detail/CVE-2021-2018

Technical supplement: A large part of the computer footprint in offices around the world is Microsoft Windows-based machines. Therefore integrating DB infrastructure with Active Directory is common. The classic Windows AD authentication method is Kerberos, and the Oracle database supports Kerberos through the so-called Kerberos authentication adapter. In November 2020 Microsoft remediated the Kerberos KDC Security Feature Bypass Vulnerability (CVE-2020-17049). When you read Oracle’s official notice for this vulnerability (CVE-2021-2018), it says it affects the Windows platform only. OK, be my guest: use your imagination to understand this vulnerability. Great day, great fun!

Ref 1: To set up Kerberos on an Oracle DB, we need to make changes in three places: the DB server, the client workstation and Active Directory.

Ref 2: Kerberos KDC Security Feature Bypass Vulnerability – https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17049