Reposted by Joe Bialek
advice to every Rust organizational decisionmaker out there: shut up, stop making excuses, and take notes from the PSF: bsky.app/profile/pyth...
TLDR; The PSF has made the decision to put our community and our shared diversity, equity, and inclusion values ahead of seeking $1.5M in new revenue. Please read and share. pyfound.blogspot.com/2025/10/NSF-...
🧵
🧵
The official home of the Python Programming Language
www.python.org
October 27, 2025 at 3:35 PM
advice to every Rust organizational decisionmaker out there: shut up, stop making excuses, and take notes from the PSF: bsky.app/profile/pyth...
Memory tagging coming to x86: community.intel.com/t5/Blogs/Tec...
ChkTag: x86 Memory Safety
ChkTag: x86 Memory Safety Memory safety violations due to programming errors have long afflicted software. Industry and academia have been searching for solutions to this problem. As first noted in ...
community.intel.com
October 15, 2025 at 3:31 PM
Memory tagging coming to x86: community.intel.com/t5/Blogs/Tec...
Reposted by Joe Bialek
I'm shocked.. thehackernews.com/2025/10/micr...
Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor
Microsoft restricts IE Mode in Edge after threat actors exploited Chakra engine flaws for remote access.
thehackernews.com
October 13, 2025 at 10:33 PM
I'm shocked.. thehackernews.com/2025/10/micr...
Over the summer we published documentation for the new usermode accessor APIs that we will be making all drivers use going forward. We’ve now ported over 2/3rd of our usermode accesses in kernel code to use these APIs and the rest is in progress! learn.microsoft.com/en-us/window...
User-mode Accessors - Windows drivers
Learn about user-mode accessors that provide safe access to user-mode memory from kernel-mode code
learn.microsoft.com
October 10, 2025 at 7:03 PM
Over the summer we published documentation for the new usermode accessor APIs that we will be making all drivers use going forward. We’ve now ported over 2/3rd of our usermode accesses in kernel code to use these APIs and the rest is in progress! learn.microsoft.com/en-us/window...
Reposted by Joe Bialek
I'm thrilled to announce "HTTP/1 Must Die! The Desync Endgame", at #BHUSA! This is going to be epic, check out the abstract for a teaser ↓
May 14, 2025 at 1:31 PM
I'm thrilled to announce "HTTP/1 Must Die! The Desync Endgame", at #BHUSA! This is going to be epic, check out the abstract for a teaser ↓
Reposted by Joe Bialek
Bypassing kASLR via Cache Timing : r0keb.github.io/posts/Bypass...
kASLR Internals and Evolution : r0keb.github.io/posts/kASLR-... credits @r0keb
kASLR Internals and Evolution : r0keb.github.io/posts/kASLR-... credits @r0keb
May 20, 2025 at 6:40 AM
Bypassing kASLR via Cache Timing : r0keb.github.io/posts/Bypass...
kASLR Internals and Evolution : r0keb.github.io/posts/kASLR-... credits @r0keb
kASLR Internals and Evolution : r0keb.github.io/posts/kASLR-... credits @r0keb
Reposted by Joe Bialek
Important news: Microsoft is working to bring SMAP into Windows
www.youtube.com/watch?v=-3jx...
Great talk by Joe Bialek from MORSE team
www.youtube.com/watch?v=-3jx...
Great talk by Joe Bialek from MORSE team
BlueHat 2024: S09: Pointer Problems – Why We’re Refactoring the Windows Kernel
YouTube video by Microsoft Security Response Center (MSRC)
www.youtube.com
December 16, 2024 at 4:29 AM
Important news: Microsoft is working to bring SMAP into Windows
www.youtube.com/watch?v=-3jx...
Great talk by Joe Bialek from MORSE team
www.youtube.com/watch?v=-3jx...
Great talk by Joe Bialek from MORSE team
Reposted by Joe Bialek
New blog post on the abuse of the IDispatch COM interface to get unexpected objects loaded into a process. Demoed by using this to get arbitrary code execution in a PPL process. googleprojectzero.blogspot.com/2025/01/wind...
Windows Bug Class: Accessing Trapped COM Objects with IDispatch
Posted by James Forshaw, Google Project Zero Object orientated remoting technologies such as DCOM and .NET Remoting make it very easy ...
googleprojectzero.blogspot.com
January 30, 2025 at 6:37 PM
New blog post on the abuse of the IDispatch COM interface to get unexpected objects loaded into a process. Demoed by using this to get arbitrary code execution in a PPL process. googleprojectzero.blogspot.com/2025/01/wind...
In the past 6 months we’ve ported over 2,000 usermode accesses in ntoskrnl and securekernel to usermode accessors and discovered and fixed a handful of vulnerabilities in the process. I never thought we’d see such large scale refactoring
January 31, 2025 at 3:31 AM
In the past 6 months we’ve ported over 2,000 usermode accesses in ntoskrnl and securekernel to usermode accessors and discovered and fixed a handful of vulnerabilities in the process. I never thought we’d see such large scale refactoring
Reposted by Joe Bialek
Simple 3 steps to boot Arm64 WinVOS in QEMU (emulation mode).
linaro.atlassian.net/wiki/spaces/...
Boots in under a minute.
linaro.atlassian.net/wiki/spaces/...
Boots in under a minute.
windows-arm64 VM using qemu-system - Windows On Arm (WOA) - Confluence
linaro.atlassian.net
November 26, 2024 at 4:35 PM
Simple 3 steps to boot Arm64 WinVOS in QEMU (emulation mode).
linaro.atlassian.net/wiki/spaces/...
Boots in under a minute.
linaro.atlassian.net/wiki/spaces/...
Boots in under a minute.
TIL we published WinVOS, a super lightweight Windows SKU. This is a great way to debug ultra hot system calls and other things that are just too noisy on a full version of Windows. I use it for development. learn.microsoft.com/en-us/window...
Microsoft Validation OS
Microsoft Validation OS
learn.microsoft.com
November 26, 2024 at 5:13 PM
TIL we published WinVOS, a super lightweight Windows SKU. This is a great way to debug ultra hot system calls and other things that are just too noisy on a full version of Windows. I use it for development. learn.microsoft.com/en-us/window...
More usermode accessor improvements are landing in Windows 😊
November 26, 2024 at 1:41 AM
More usermode accessor improvements are landing in Windows 😊
Reposted by Joe Bialek
Work-around for long-term issue in Cygwin's fork() running on Arm64 resolved.
Really appreciate the energy and collaboration with the @msys2org.bsky.social folks!
Really appreciate the energy and collaboration with the @msys2org.bsky.social folks!
November 14, 2024 at 3:17 AM
Work-around for long-term issue in Cygwin's fork() running on Arm64 resolved.
Really appreciate the energy and collaboration with the @msys2org.bsky.social folks!
Really appreciate the energy and collaboration with the @msys2org.bsky.social folks!