A Deferred Procedure Call (DPC) is where Interrupt Service Routines (ISRs) get most of their work done in Windows. ISRs are meant to not do a whole lot other than queueing a DPC and call it done. This is because at Device IRQL, not much else can go on while the CPU is interrupted and [...]
Windows 7 Service Pack 1 has been released by Microsoft for some time now. A cursory look at changes pushed in Windows 7 Service Pack 1 suggests that it is, for the most part – a new feature plus bunch of bug [...]
If you are starting to kernel debug Windows for the first time on a 64-bit intel machine over Firewire or IEEE 1394, you may have some hurdles to leap over. When the debugging host is 32-bit, you run the debugger kd/windbg and configure it to connect over a 1394 channel that matches the channel on [...]
Continue Reading →
The other day, a colleague of mine hands me this Sony Vaio notebook that blue screens when booting up with a 0xc000021a. The bsod happened on every boot but you could boot the machine into safe mode. Curious about what it could be, my first guess was obviously malware. Symantec was
Continue Reading →
It seems if a driver opens and closes a process early enough in Windows 7, it could trigger a destruction before process creation is even completed, leading to a blue screen of death.
One of the ways this happens is,
Continue Reading →
Eric Chien says Symantec has had a breakthrough in understanding the final legs of Stuxnet worm. The worm was known to Statement List (STL) rootkit1 Siemens Programmable Logic Controllers (PLCs) [...]
Continue Reading →
Loading ...