For people who do not know it, there is a not so new (at time of writing) critical vulnerability in almost all recent versions of Windows. You can read the Microsoft advisory here. This vulnerability is extremely dangerous because it can be triggered with no specific action from the user. It can lead to remote code execution, which means that an attacker can execute the code he wants on your computer, without your consent, and with the rights of the user using the computer.

There is currently no patch from Microsoft to fix this problem, and as this bug is being actively exploited in the wild by malicious persons, I strongly suggest that you apply the hotfix that Ilfak Guilfanov made just a few hours ago. He speaks about it on his blog. Download and install the patch from his blog as soon as you can after having read Ilfak's post.

I did not read the source code of the patch very carefully to check if it is good or not, but Ilfak is one of the head developpers of IDA, a very well known disassembler. F-Secure, an antivirus company, recommends applying the patch on its blog. That's why I think that you can trust his hot fix

If you cannot apply the patch for any reason, you should try to protect your computer until a fix from Microsoft is available by following the steps described in Microsoft advisory under the "Suggested actions" tab. Anyway I think that Ilfak's hotfix is better than the fix of Microsoft which is NOT a total fix.

I cannot say it enough: you must do something quickly or you will very likely get some worm or spyware on your computer because of this security flaw.

Why I am publishing this on this blog ? Because what Ilfak made is a huge improvement, as he was able to hack one of Windows core DLLs so as to remove a security vulnerability ! Also because I am involved in computer security discussion groups and I feel concerned about security issues. Finally, I feel some shame because I have been trying this afternoon to modify the shimgvw.dll and I didn't succeed... and this guy did ! (he didn't modify the DLL, instead he modified another part of the system which is used by the exploit) And he did a very good job by preventing any exploitation of the security hole without changing the behavior of the system in normal operation. When I tried to modify the buggy DLL, I wanted to prevent it from recognizing WMF and EMF images: as it will no longer parse these files at all, exploitation would not be possible anymore, and it would not annoy users a lot because WMF/EMF files are not widely used.

Turbokeu's has a very particular fishtank: most of its functions are electronically controlled. Some controllers were made by himself, such as his temperature monitor, and some were bought such as his pH controller. Among the "features" of his tank, and beside the two already listed, there is a timer which controls the light intensity according to time, a CO2 monitor, some pretty plants and, of course, nice fishes.

Several photos are available on his page dedicated to his fishtank, but you could also take a look at his other projects (mostly electronic) on his website ! He made very nice nixie clocks, and a totally outstanding watercooled PC case (yea, i'm a fan...).

The photo in this post is from Turbokeu's fishtank page and is published here with his kind permission.

It's always annoying to have to press a button, while being half asleep, to light up a clock so as to see what time it is at night, if you don't have a clock that permanently generates light to display the time, such as a LED clock would do.

A LED clock ? Yes, like the ones SteveyG made. He made two clocks, the first one being made in only one day.

The two clocks have their own webpages on the bit-tech forum: version 1 and version 2. You may also want to check the led matrix clock here.

Here are some pictures of the different clocks, in this order: version 1, 2, and the matrix LED display.

Pretty cool isn't it ?

The photos in this post are from SteveyG and are published here with his kind permission.

I personnaly don't shut off my computer at night, mainly because I don't like to have to switch it on when I want to use it, because it takes some time to boot. However, there is a concern with this approach: a computer consumes a lot of power, typically more than 200W, and most of this power is transformed into heat. This heat is moved away from the sensitive components of the computer by some fans... and fans make noise. A lot of noise.

This noise if obviously a problem when you try to sleep with the computer a few meters away. As Thomas (callsign OZ2CPU), a radioamateur from Denmark says about his computer on his homemade watercooling page,

"With air cooling (using fans) it is not possible to fall asleep :-)"

I agree with him...

Thomas made an elegant watercooling system for his PC. Almost every heat-generator component is watercooled, from the processor to the graphic accelerator chipset, including the power supply unit of the PC. And unlike other watercooling systems, he didn't need a fan for the radiator, which cools down the water. The only moving part of his system is the pump that generates the necessary water flow. The good thing with this pump is that it could actually be moved in another room if it were making too much noise !

See how well finished is the waterblock of his graphic accelerator card...

Thomas can now afford sleeping without having to turn off his computer. He made a 4 channel temperature monitor (also homemade !) and he made some benchmark of his watercooling system which turned out to be very efficient.

The homemade temperature monitor looks rather good !

Maybe I should make my own watercooling too... Will you do so ? You have all the necessary informations on his website, which also presents other of his interesting projects !

Note: this post wouldn't be complete if I didn't post a link to the Zero Fan Zone !

The photos in this post are from OZ2CPU's website and are published here with his kind permission.