Joe Bialek

@josephbialek

Windows security person

90 Followers
57 Following
17 Posts
Joined 14.11.2024

Latest posts by Joe Bialek @josephbialek

Excellent blog as always from James

13.02.2026 01:19 👍 1 🔁 0 💬 0 📌 0
Bypassing Administrator Protection by Abusing UI Access - Project Zero In my last blog post I introduced the new Windows feature, Administrator Protection and how it aimed to create a secure boundary for UAC where one didn’t exi...

Part 2 of @tiraniddo.dev’s Windows Administrator Protection journey is here!

projectzero.google/2026/02/wind...

12.02.2026 19:14 👍 5 🔁 5 💬 1 📌 0

Yes they do not share pdf. Chrome's is extremely fast, loads the Arm ARM in a few seconds.

25.12.2025 04:43 👍 1 🔁 0 💬 0 📌 0

Chrome is also extremely fast for PDF. Edge is super slow. Was surprised they do not use the same engine

25.12.2025 01:35 👍 1 🔁 0 💬 1 📌 0

Was wondering if MTE would impact it, glad to see it mentioned at the end! Very nice write up as always from GPZ

12.12.2025 18:28 👍 1 🔁 0 💬 0 📌 0
Beyond RC4 for Windows authentication As organizations face an evolving threat landscape, strengthening Windows authentication is more critical than ever.

Oh hey, we're [finally] killing RC4 everywhere officially. www.microsoft.com/en-us/window...

03.12.2025 17:21 👍 17 🔁 6 💬 1 📌 1
Preparing for what’s next: Windows security and resiliency innovations help organizations mitigate risks, recover faster and prepare for the era of AI Today, we introduced agentic platform and cloud-powered flexibility capabilities into Windows that bring together human creativity and intelligent agents. To fully embrace these ag

What's new in Windows Security
blogs.windows.com/windowsexper...

18.11.2025 22:42 👍 0 🔁 1 💬 0 📌 0

advice to every Rust organizational decisionmaker out there: shut up, stop making excuses, and take notes from the PSF: bsky.app/profile/pyth...

27.10.2025 15:35 👍 315 🔁 78 💬 2 📌 0

Yeah but remember Trump said that was Biden’s economy lol

27.10.2025 03:23 👍 1 🔁 0 💬 0 📌 0
ChkTag: x86 Memory Safety Memory safety violations due to programming errors have long afflicted software. Industry and academia have been searching for solutions to this problem. As first noted in ...

Memory tagging coming to x86: community.intel.com/t5/Blogs/Tec...

15.10.2025 15:31 👍 2 🔁 0 💬 0 📌 0
Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor Microsoft restricts IE Mode in Edge after threat actors exploited Chakra engine flaws for remote access.

I'm shocked.. thehackernews.com/2025/10/micr...

13.10.2025 22:33 👍 8 🔁 3 💬 0 📌 0
User-mode Accessors - Windows drivers Learn about user-mode accessors that provide safe access to user-mode memory from kernel-mode code

Over the summer we published documentation for the new usermode accessor APIs that we will be making all drivers use going forward. We’ve now ported over 2/3rd of our usermode accesses in kernel code to use these APIs and the rest is in progress! learn.microsoft.com/en-us/window...

10.10.2025 19:03 👍 3 🔁 0 💬 0 📌 0

We hold ourselves to a high performance bar when rolling out new security mitigations only to have security software completely tank system performance. Sometimes makes me wonder why we care so much 🥲

10.09.2025 14:26 👍 1 🔁 0 💬 0 📌 0

I'm thrilled to announce "HTTP/1 Must Die! The Desync Endgame", at #BHUSA! This is going to be epic, check out the abstract for a teaser ↓

14.05.2025 13:31 👍 38 🔁 18 💬 2 📌 1

I do! Easier to make a local copy of.

29.05.2025 16:41 👍 0 🔁 0 💬 0 📌 0

Are the slides published?

29.05.2025 04:30 👍 0 🔁 0 💬 1 📌 0

I actually was not super optimistic this would work due to compatibility but it ended up being pretty easy to get through.

24.05.2025 00:44 👍 1 🔁 0 💬 0 📌 0

This was my team, sorry not sorry :-)

24.05.2025 00:43 👍 3 🔁 0 💬 1 📌 0

Bypassing kASLR via Cache Timing : r0keb.github.io/posts/Bypass...

kASLR Internals and Evolution : r0keb.github.io/posts/kASLR-... credits @r0keb

20.05.2025 06:40 👍 3 🔁 3 💬 0 📌 0
BlueHat 2024: S09: Pointer Problems – Why We’re Refactoring the Windows Kernel YouTube video by Microsoft Security Response Center (MSRC)

Important news: Microsoft is working to bring SMAP into Windows

www.youtube.com/watch?v=-3jx...

Great talk by Joe Bialek from MORSE team

16.12.2024 04:29 👍 18 🔁 7 💬 1 📌 0

Very cool!

31.01.2025 04:47 👍 0 🔁 0 💬 0 📌 0
Windows Bug Class: Accessing Trapped COM Objects with IDispatch Posted by James Forshaw, Google Project Zero Object orientated remoting technologies such as DCOM and .NET Remoting make it very easy ...

New blog post on the abuse of the IDispatch COM interface to get unexpected objects loaded into a process. Demoed by using this to get arbitrary code execution in a PPL process. googleprojectzero.blogspot.com/2025/01/wind...

30.01.2025 18:37 👍 65 🔁 41 💬 2 📌 0

In the past 6 months we’ve ported over 2,000 usermode accesses in ntoskrnl and securekernel to usermode accessors and discovered and fixed a handful of vulnerabilities in the process. I never thought we’d see such large scale refactoring

31.01.2025 03:31 👍 1 🔁 0 💬 0 📌 0
windows-arm64 VM using qemu-system - Windows On Arm (WOA) - Confluence

Simple 3 steps to boot Arm64 WinVOS in QEMU (emulation mode).
linaro.atlassian.net/wiki/spaces/...

Boots in under a minute.

26.11.2024 16:35 👍 3 🔁 2 💬 2 📌 0
Microsoft Validation OS

TIL we published WinVOS, a super lightweight Windows SKU. This is a great way to debug ultra hot system calls and other things that are just too noisy on a full version of Windows. I use it for development. learn.microsoft.com/en-us/window...

26.11.2024 17:13 👍 1 🔁 0 💬 0 📌 0

I didn’t realize we publish WinVOS, that’s awesome

26.11.2024 17:10 👍 1 🔁 0 💬 1 📌 0

More usermode accessor improvements are landing in Windows 😊

26.11.2024 01:41 👍 2 🔁 0 💬 0 📌 0

Work-around for long-term issue in Cygwin's fork() running on Arm64 resolved.
Really appreciate the energy and collaboration with the @msys2org.bsky.social folks!

14.11.2024 03:17 👍 12 🔁 6 💬 1 📌 0