The Ink Canvas and Ruler: combining art and technology

2016-08-05 KENNETH 0

The Ink Canvas and Ruler: combining art and technology How easy is it to integrate Inking into your app? As easy as one line of XAML. In this post, we’re going to walk you through the new Windows 10 Inking capabilities, which are making communication via writing and drawing easier than ever for users. You’ll learn how to implement these new capabilities in your Windows app and how they will improve your users’ experience. The easiest ways for Universal Windows Platform developers to hook into this capability is through the Ink Canvas. We’ll start out with some examples of this. The built-in experience There are many potential applications of Inking. As a starting point, it’s helpful to think of a typical user of Inking apps – for instance, an insurance adjuster who spends more time in the field than in [ more… ]

No Image

USN-3047-1: QEMU vulnerabilities

2016-08-05 KENNETH 0

USN-3047-1: QEMU vulnerabilities Ubuntu Security Notice USN-3047-1 4th August, 2016 qemu, qemu-kvm vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu 12.04 LTS Summary Several security issues were fixed in QEMU. Software description qemu – Machine emulator and virtualizer qemu-kvm – Machine emulator and virtualizer Details Li Qiang discovered that QEMU incorrectly handled 53C9X Fast SCSIcontroller emulation. A privileged attacker inside the guest could use thisissue to cause QEMU to crash, resulting in a denial of service, or possiblyexecute arbitrary code on the host. In the default installation, when QEMUis used with libvirt, attackers would be isolated by the libvirt AppArmorprofile. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.(CVE-2016-4439, CVE-2016-4441, CVE-2016-5238, CVE-2016-5338, CVE-2016-6351) Li Qiang and Qinghao Tang discovered that QEMU incorrectly handled theVMWare VGA module. [ more… ]

No Image

Microsoft Bounty Programs Expansion – Microsoft Edge Remote Code Execution (RCE) Bounty

2016-08-05 KENNETH 0

Microsoft Bounty Programs Expansion – Microsoft Edge Remote Code Execution (RCE) Bounty I’m very happy to announce another addition to the Microsoft Bounty Programs. Microsoft will be hosting a bounty for Remote Code Execution vulnerabilities in Microsoft Edge on Windows Insider Preview builds. This bounty continues our partnership with the security research community in working to secure our platforms, in pre-release stages of the development process. The Windows Insider program is built to help shape the future of Windows, and represents the latest in features, including new security features and mitigations. For the latest information on new Windows features included in the Insider Previews, please visit the Windows 10 Insider Program Blog. As the bounty programs are pushing forward into earlier releases of software, there may be more instances of a vulnerability being reported which Microsoft is already working to [ more… ]

No Image

USN-3046-1: LibreOffice vulnerability

2016-08-05 KENNETH 0

USN-3046-1: LibreOffice vulnerability Ubuntu Security Notice USN-3046-1 4th August, 2016 libreoffice vulnerability A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary LibreOffice could be made to crash or run programs as your login if it opened a specially crafted file. Software description libreoffice – Office productivity suite Details Yves Younan and Richard Johnson discovered that LibreOffice incorrectlyhandled presentation files. If a user were tricked into opening aspecially crafted presentation file, a remote attacker could causeLibreOffice to crash, and possibly execute arbitrary code. Update instructions The problem can be corrected by updating your system to the following package version: Ubuntu 12.04 LTS: libreoffice-core 1:3.5.7-0ubuntu12 To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades. After a standard system update you need to restart LibreOffice to makeall the necessary changes. References CVE-2016-1513 Source: USN-3046-1: LibreOffice vulnerability

AWS Database Migration Service, 서울 리전 출시

2016-08-05 KENNETH 0

AWS Database Migration Service, 서울 리전 출시 AWS Database Migration Service는 기존 온-프레미스 데이터베이스를 AWS로 쉽고 안전하게 마이그레이션에 도움을 주는 클라우드 데이터 이전에 중요한 서비스입니다. 지난 3월 정식 서비스 개시 이후 오늘 부터 Asia Pacific (Seoul) 리전에서 사용가능합니다. 본 서비스는 Oracle에서 Oracle로의 동종 마이그레이션뿐 아니라 Oracle에서 Amazon Aurora 또는 Microsoft SQL Server에서 MySQL로의 마이그레이션과 같은 이기종 데이터베이스 플랫폼 간의 마이그레이션도 지원합니다. 또한 Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, SAP ASE(이전 Sybase ASE) 및 SQL Server를 포함해 지원되는 소스에서 Amazon Redshift로 데이터를 스트리밍하여 페타바이트 규모의 데이터 웨어하우스에서도 데이터 통합 및 용이한 분석이 가능합니다. 지난 7월 13일에는 몇 가지 신규 기능을 추가하였습니다. 지속적인 데이터 리플리케이션 기능을 추가하여, Multi-AZ 기능을 통해 좀 더 안정적인 리플리케이션을 제공합니다. 또한, SSL 엔드 포인트를 제공하여 좀 더 안전하게 정보를 제공할 수 있습니다. 좀 더 자세한 사항은 DMS 홈페이지나 DMS 기술 문서를 참고하시기 바랍니다. ■ AWS DMS 서비스 [ more… ]