Windows Isn’t a Service; It’s an Operating System

An operating system that runs on millions of different hardware configurations is not a service. It can’t be updated as easily, and you’ll run into issues with hardware, drivers, and software when you change things. The upgrade process isn’t instant and transparent—it’s a big download and can take a while to install.

Source: Windows Isn’t a Service; It’s an Operating System

Researcher finds simple way of backdooring Windows PCs and nobody notices for ten months

The technique does not allow a hacker to remotely infect a computer unless that computer has been foolishly left exposed on the Internet without a password.

Source: Researcher finds simple way of backdooring Windows PCs and nobody notices for ten months | ZDNet

Since registry keys are also boot persistent, any modifications made to an account’s RID remain permanent, or until fixed.

Linus Torvalds says Linux kernel v5.0 ‘should be meaningless’

With the removal of old architecture and other bits of tidying up, with v4.17 RC1 there were more lines of code removed than added: something described as “probably a first. Ever. In the history of the universe. Or at least kernel releases.”

Source: Linus Torvalds says Linux kernel v5.0 ‘should be meaningless’

‘Kernel memory leaking’ Intel processor design flaw forces Linux, Windows redesign

A fundamental design flaw in Intel’s processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

Source: ‘Kernel memory leaking’ Intel processor design flaw forces Linux, Windows redesign • The Register

There were rumors of a severe hypervisor bug – possibly in Xen – doing the rounds at the end of 2017. It may be that this hardware flaw is that rumored bug: that hypervisors can be attacked via this kernel memory access cockup, and thus need to be patched, forcing a mass restart of guest virtual machines.

Windows 10 Bundles a Password Manager. Password Manager Bundles a Security Flaw

“This potential vulnerability requires a Keeper user to be lured to a malicious website while logged into the browser extension, and then fakes user input by using a ‘clickjacking’ technique to execute privileged code within the browser extension,” said Craig Lurey, co-founder and CTO of Keeper Security.

Source: Windows 10 Bundles a Password Manager. Password Manager Bundles a Security Flaw

​Linux totally dominates supercomputers

In 1993/1994, at NASA’s Goddard Space Flight Center, Donald Becker and Thomas Sterling designed a Commodity Off The Shelf (COTS) supercomputer: Beowulf. Since they couldn’t afford a traditional supercomputer, they built a cluster computer made up of 16 Intel 486 DX4 processors, which were connected by channel bonded Ethernet. This Beowulf supercomputer was an instant success.

Source: ​Linux totally dominates supercomputers | ZDNet

Linux first appeared on the Top500 in 1998. Before Linux took the lead, Unix was supercomputing’s top operating system. Since 2003, the Top500 was on its way to Linux domination. By 2004, Linux had taken the lead for good.

How AV can open you to attacks that otherwise wouldn’t be possible

The attack worked first by getting Bogner’s malicious file quarantined by the AV program running on the targeted computer. The pentester then exploited vulnerabilities in the AV programs that allowed unprivileged users to restore the quarantined files. He further abused a Windows feature known as NTFS file junction point to force the restore operation to put his malicious file into a privileged directory of Bogner’s choosing. The technique took advantage of another Windows feature known as Dynamic Link Library search order. With that, Bogner’s malware ran with full privileges.

Source: How AV can open you to attacks that otherwise wouldn’t be possible | Ars Technica