Aggregator

This month we release eight bulletins – four Critical and four Important - which address 25* unique CVEs in Microsoft Windows, Internet Explorer, SharePoint, .NET Framework, Office, and Silverlight. For those who need to prioritize their deployment planning, we recommend focusing on MS13-080, MS13-081, and MS13-083. Our Bulletin Deployment Priority graph provides an overview of this month’s priority releases (click for larger view).

Today we’re publishing the September 2013 Security Bulletin Webcast Questions & Answers page. The majority of questions focused on Office bulletins, especially SharePoint Server (MS13-067). We received multiple Office related questions that were very similar in nature, so the questions have been merged, as applicable, with consolidated answers provided. We were able to answer six questions on air, and those we did not have time for have been included on the Q&A page.

Today we’re publishing the September 2013 Security Bulletin Webcast Questions & Answers page. The majority of questions focused on Office bulletins, especially SharePoint Server (MS13-067). We received multiple Office related questions that were very similar in nature, so the questions have been merged, as applicable, with consolidated answers provided. We were able to answer six questions on air, and those we did not have time for have been included on the Q&A page.

Helen Hunt Jackson famously wrote, “By all lovely tokens September is here, with summer’s best of weather and autumn’s best of cheer.” I share Helen’s clear adoration for this time of year. As a sports fan, there are so many “lovely tokens” to enjoy. The baseball pennant race is heating up, college and pro football are underway, and various soccer leagues (real football to the rest of the world) continue.

Helen Hunt Jackson famously wrote, “By all lovely tokens September is here, with summer’s best of weather and autumn’s best of cheer.” I share Helen’s clear adoration for this time of year. As a sports fan, there are so many “lovely tokens” to enjoy. The baseball pennant race is heating up, college and pro football are underway, and various soccer leagues (real football to the rest of the world) continue.

花了一些时间，终于把QQ2013正式版beta1 7979版本的聊天记录搞定了，基金周折，来的不容易，总体来说还是比较满意的，对这个方案作一下总结： 1.采用技术方案为hook方式，非不可靠的硬编码、非不负责任的读内存方式。 2.考虑便于维护的技术方案，不会随qq变更而需要大作改动，类似以前版本的SaveMsg方案。 3.兼容32位64位。 4.商业代码，与技术代码有本质的区别，有经验的同

皆さん、こんにちは！8 月下旬となり、猛暑も多少落ち着きましたが、まだまだ暑い日が続いています。こまめ

皆さん、こんにちは！8 月下旬となり、猛暑も多少落ち着きましたが、まだまだ暑い日が続いています。こまめ

通过 HTML5 的 socket API 实现 Native Code 与 Web 页面的通信。

Today we’re publishing the August 2013 Security Bulletin Webcast Questions & Answers page. We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Exchange Server (MS13-061) and Windows Kernel (MS13-063). There were 3 additional questions during the webcast that we were unable to answer on air, and we have also answered those on the Q&A page.

Today we’re publishing the August 2013 Security Bulletin Webcast Questions & Answers page. We fielded 13 questions on various topics during the webcast, with specific bulletin questions focusing primarily on Exchange Server (MS13-061) and Windows Kernel (MS13-063). There were 3 additional questions during the webcast that we were unable to answer on air, and we have also answered those on the Q&A page.

有朋友问是否可以不得到密码解析出聊天记录内容，答案肯定是不可以，不然tx设计如此复杂的登陆协议纯粹没事找事闲的了，因此做了一张图来让大家直观的明白其中的奥妙。

在破解iOS应用的过程中，需要经常使用 otool 获取程序本身的信息（比如：是否启用了PIE），获取加密信息， 但是CLI的程序在直观性上还是不如GUI的， 下面描述使用MachOView来查看到相关信息。 1、加载可执行文件。 运行 MachOView 后，会提示选择文件，选择将要分析的文件， 会在后台进行分析，等待分析完毕，如下图： 2、文件头信息。

+[UIImage imageNamd:]的实现分析：如果查找图片，查找哪些图片，查找顺序，缓存等。 注释过的反汇编代码：http://pan.baidu.com/share/link?shareid=3491166579&uk=537224442 伪代码（不精确，仅供参考）：    NSString* _UICacheNameForImageAtPath(NSString *imageName, NSBundle *bundle); NSString* ProductSu