41PpliNodjL._SY300_909XCLEANBOOT.zip

This file is intended for use when a CLEAN BOOT of an MC909X WM 5.0 device is required. Unzip the contents of this device to either the root of an SD Card (and place the SD Card in your device) OR the TEMP folder. Then follow the UPDATE LOADER boot instructions below.
909XCLEANBOOTANDBLANK.zip

This file is intended for use when both a blank Application Folder and a CLEAN BOOT of an MC909X WM 5.0 device is required. Unzip the contents of this device to either the root of an SD Card (and place the SD Card in your device) OR the TEMP folder. Then follow the UPDATE LOADER boot instructions below.

There are two methods to perform an Update Loader Boot on MC909X:

Method 1

  1. Navigate to the location where the ZIP file was unzipped
  2. Tap StartUpdLdr.exe
  3. After 20 seconds or so, the device will perform an Update Loader boot which will cause the PKGS.LST file deposited on the device to be processed. Leave the device on A/C power during the Update Loader process

Method 2

  1. Press the primary battery release on the mobile computer to partially eject the battery from the mobile computer.
  2. On an MC9090-G, while the battery is partially released, simultaneously press and release the trigger and the Power button.
  3. On an MC-909X-K or MC909X-S, while the battery is partially released, simultaneously press and release the left scan button and the Power button.
  4. Push the battery to fully re-insert it in the mobile computer. One audible click can be heard as the battery is fully inserted.
  5. The mobile computer initializes. During this time press and hold the trigger used on step #2 or step #3 (as appropriate) and place the device on A/C power either by placing it in a cradle or a CAM.
  6. The device will invoke an Update Loader boot, which will cause the PKGS.LST file deposited on the device to be processed. Leave the device on A/C power during the Update Loader process.

 

When the device has completed the process it will return to the Windows Mobile “”Tap the screen to set up your Windows Mobile-based device” screen. At this point, if you used an SD card, please remove it from the device. If you placed the files in the TEMP folder, they will be automatically erased by the CLEAN BOOT process.

A vulnerability has been discovered in the Disqus plugin for WordPress allowing for Remote Code Execution. The Disqus plugin is used on nearly 2 million WordPress blogs.

Who is Vulnerable?

A remote attacker could successfully execute remote code provided the following version of software are true:

  • PHP <= 5.1.6
  • WordPress <= 3.1.4
  • Disqus Plugin <= 2.75

How it Works

A specially crafted comment on a WordPress post, such as {${phpinfo()}}, followed by opening the comment synchronization URL http://www.example.com/?cf_action=sync_comments&post_id=TARGET_POST_ID, is all that is needed to execute remote code.

How do I Fix It?

Log into your WordPress administration panel and update the Disqus plugin.

Make sure PHP is up-to-date with the latest version.

Runas does not accept a password on the command line, nor can you pipe it to it on STDIN. It requires keyboard input.

However, to make life easier, there’s a Visual Basic Script available that will allow you to use Runas from the command line and supply a password to it. It is created by Jefferey Hicks (MS MVP Powershell) and is called VBRunas.

cscript //nologo runas.vbs <Username> <Password> <Command>

You can download the script from my server, or from Jeffery’s website.

In a kiosk environment, or just a special case environment, sometimes the need for automatically logging in a specific user after a reboot, or during a logoff is needed. This works from Windows XP through Windows 8.1 Update 1.

This registry file will force an automatic logon of the user specified (and password if applicable).

Automatic Logon

Note: If DefaultPassword does not exist (which it doesn’t by default), then AutoAdminLogon is set to zero (0) to not automatically log in the administrator account.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon]
AutoAdminLogon=0
DefaultUserName=Rich
DefaultPassword=s3cr3t

Force Automatic Logon at Logoff or After Screen Lock

This is done by adding two additional values to the registry.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon]
ForceUnlockLogon=dword:00000001
ForceAutoLogon=dword:00000001

Installation of Proxmox VE 3.2 on an ESX 4.1 host. Note that KVM in Proxmox VE is not supported due to VT-x virtualization not being supported in ESX 4.1. ESXi 5.0+ support VT-x virtualization which would allow for Proxmox VE KVM support. OpenVZ containers in Proxmox still work without issue.

s
search
c
compose new post
r
reply
e
edit
t
go to top
j
go to the next post or comment
k
go to the previous post or comment
o
toggle comment visibility
esc
cancel edit post or comment