Friday, 1 May 2015

PayPal takes four days to patch a critical remote code execution vulnerability



It only took PayPal four days to patch a critical remote code execution vulnerability with a Common Vulnerability Scoring System (CVSS) count of 9.3. The flaw, in the Java Debug Wire Protocol (JDWP) in PayPal's marketing online service web-server, allowed "remote attackers to execute system specific code against a target system to compromise the webserver."


JDWP, a component of the Java Platform Debugger Architecture, is the "protocol used for communication between a debugger and the Java virtual machine (VM) which it debugs,"explained independent security researcher Milan A. Solanki. "JDWP does not use any authentication and could be abused by an attacker to execute arbitrary code on the affected server." 

Thursday, 30 April 2015

Microsoft Build 2015 - news on Windows Edge - the new name for Internet Explorer



Big day for Microsoft. Catch up on all the announcements and demos from Build 2015, Microsoft's biggest event of the year.

interesting stuff
Code and test apple code
Android apps on windows phone
Windows 10
Project Spartan become Windows Edge web browser

Microsoft Build 2015 keynote in 9 minutes