The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a stack overflow error in the OpenType Compact Font Format (CFF) driver "ATMFD.dll" when processing certain operands within an OpenType font, which could be exploited by remote attackers to execute arbitrary code on a vulnerable Windows 7, Windows Server 2008, Windows Server 2008 R2, and Windows Vista systems via a malicious font, or by local attackers to gain elevated privileges on Windows XP and Windows Server 2003 systems via a malicious application.

This Metasploit module exploits a stack-based buffer overflow on DVD X Player 5.5 Pro and Standard. By supplying a long string of data in a plf file (playlist), the MediaPlayerCtrl.dll component will attempt to extract a filename out of the string, and then copy it on the stack without any proper bounds checking, which causes a buffer overflow, and results arbitrary code execution under the context of the user. This Metasploit module has been designed to target common Windows systems such as: Windows XP SP2/SP3, Windows Vista, and Windows 7.

This Metasploit module exploits a buffer overflow in ACDSee FotoSlate 4.0 Build 146 via a specially crafted id parameter in a String element. When viewing a malicious PLP file with the ACDSee FotoSlate product, a remote attacker could overflow a buffer and execute arbitrary code. This exploit has been tested on systems such as Windows XP SP3, Windows Vista, and Windows 7.

This Metasploit module exploits a stack based buffer overflow in CCMPlayer 1.5. Opening a m3u playlist with a long track name, a SEH exception record can be overwritten with parts of the controllable buffer. SEH execution is triggered after an invalid read of an injectable address, thus allowing arbitrary code execution. This Metasploit module works on multiple Windows platforms including: Windows XP SP3, Windows Vista, and Windows 7.

This Metasploit module exploits a vulnerability found in NTR ActiveX 1.1.8. The vulnerability exists in the Check() method, due to the insecure usage of strcat to build a URL using the bstrParams parameter contents, which leads to code execution under the context of the user visiting a malicious web page. In order to bypass DEP and ASLR on Windows Vista and Windows 7 JRE 6 is needed.

The Windows kernel does not properly isolate broadcast messages from low integrity applications from medium or high integrity applications. This allows commands to be broadcasted to an open medium or high integrity command prompts allowing escalation of privileges. We can spawn a medium integrity command prompt, after spawning a low integrity command prompt, by using the Win+Shift+# combination to specify the position of the command prompt on the taskbar. We can then broadcast our command and hope that the user is away and doesn't corrupt it by interacting with the UI. Broadcast issue affects versions Windows Vista, 7, 8, Server 2008, Server 2008 R2, Server 2012, RT. But Spawning a command prompt with the shortcut key does not work in Vista so you will have to check if the user is already running a command prompt and set SPAWN_PROMPT false. The WEB technique will execute a powershell encoded payload from a Web location. The FILE technique will drop an executable to the file system, set it to medium integrity and execute it. The TYPE technique will attempt to execute a powershell encoded payload directly from the command line but it may take some time to complete.

A buffer overflow in the CheckMonitor() function in the Common Desktop Environment 2.3.1 and earlier and 1.6 and earlier, as distributed with Oracle Solaris 10 1/13 (Update 11) and earlier, allows local users to gain root privileges via a long palette name passed to dtsession in a malicious .Xdefaults file. Note that Oracle Solaris CDE is based on the original CDE 1.x train, which is different from the CDE 2.x codebase that was later open sourced. Most notably, the vulnerable buffer in the Oracle Solaris CDE is stack-based, while in the open source version it is heap-based.

A difficult to exploit stack-based buffer overflow in the _DtCreateDtDirs() function in the Common Desktop Environment version distributed with Oracle Solaris 10 1/13 (Update 11) and earlier may allow local users to corrupt memory and potentially execute arbitrary code in order to escalate privileges via a long X11 display name. The vulnerable function is located in the libDtSvc library and can be reached by executing the setuid program dtsession. Versions 2.3.1 and below as well as 1.6 and earlier are affected.

A difficult to exploit heap-based buffer overflow in setuid root whodo and w binaries distributed with Solaris allows local users to corrupt memory and potentially execute arbitrary code in order to escalate privileges.

A vulnerability exists within the Microsoft Server Message Block 3.1.1 (SMBv3) protocol that can be leveraged to execute code on a vulnerable server. This local exploit implementation leverages this flaw to elevate itself before injecting a payload into winlogon.exe.

Delta Industrial Automation DCISoft version 1.12.09 suffers from a stack buffer overflow vulnerability.

A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. The exploit for this vulnerability is javascript code which shows how to use it for memory corruption of internal JS objects (Unit32Array and etc.) and subsequent arbitrary code execution (custom ARM/x64 payloads can be pasted into the JS code). This exploit affects Apple Safari version 6.0.1 for iOS 6.0 and OS X 10.7/8. Earlier versions may also be affected. It was obtained through the Packet Storm Bug Bounty program.

A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. This method accepts the user-defined JavaScript function and calls it from the native code to compare array items. If this compare function reduces array length, then the trailing array items will be written outside the "m_storage->m_vector[]" buffer, which leads to the heap memory corruption. This finding was purchased through the Packet Storm Bug Bounty program.

Global FDI flows recorded a marginal 1% fall in 2019, but the value of announced greenfield investment projects plummets by 22%.

Global free zones may be spurring development in less economically developed countries

8minute Solar Energy, NV Energy and the Moapa Band of Paiutes announced that NV Energy selected 8minute to develop the largest solar plus storage project ever built in Nevada and one of the largest in the world.

In late 2018, I put out the call to see how many fellow energy nerds I could gather to indulge me in combining my passion for energy analysis and clean power policy with my love of fantasy sports. By the end of January 2019, I had my cast of characters who somehow thought this idea was as fun as I did (isn’t the Internet the greatest tool for finding people who share your interests?) and I released my Draft Preview. Coordinating this draft among 14 different teams with different time zones and schedules chock-full of actually helping to save the planet proved no easy task, but by the end of March we had conducted 5 rounds of picks for a total of 70 selections in this Inaugural Fantasy Energy League!

The Low Impact Hydropower Institute recently announced it had awarded low-impact certification status to two hydroelectric facilities:

The national average price of wind power purchase agreements dropped to below 2 cents/kWh in 2018, according to the annual Wind Technologies Market Report released by the U.S. Department of Energy.

California’s energy storage incentive program has been a great success, with more than 11,000 battery storage systems installed to-date. The problem is, it’s not reaching the state’s most vulnerable communities. A new proposal from the California Public Utilities Commission (CPUC) aims to fix some of the barriers preventing disadvantaged communities from participating in the program, and it allocates $100 million to a new program designed to offset the cost of battery storage systems for populations threatened by wildfires and related utility power shutoffs.

Unusually still weather in the upper Midwest and Great Plains in late 2018 has already taken a bite out of earnings at NextEra Energy Inc. and Avangrid Inc., which both operate large wind farms. Other wind generators have yet to report fourth-quarter results, including Pattern Energy Group Inc., TerraForm Power Inc. and Clearway Energy Inc.

Idaho Power unveiled a goal Tuesday to provide 100-percent clean energy by 2045 on the heels of an announcement that it will purchase 120-MW of solar energy through a PPA with Jackpot Holdings at a price of less than US $0.022 cents per kWh.

8minute Solar Energy, NV Energy and the Moapa Band of Paiutes announced that NV Energy selected 8minute to develop the largest solar plus storage project ever built in Nevada and one of the largest in the world.

Last month, Delaware Governor John Carney signed Senate Bill 113 into law, enabling Commercial Property Assessed Clean Energy (C-PACE) financing in Delaware. Once implemented, PACE will offer a new method for financing commercial energy efficiency and renewable energy projects.

Crowdfunding has become a popular tool for people and organizations to use to test out their new ideas for green products while securing funds to begin operations. The most well-known crowdfunding websites, Kickstarter and Indiegogo, have helped a significant amount of projects in renewable energy and sustainability get off the ground, projects that have been the focus of previous installments in my ongoing articles series about crowdfunding in energy.

Global funding for clean-energy projects sagged in 2018 after China’s decision to curb subsidies dragged down installations in the world’s biggest solar market.

California’s energy storage incentive program has been a great success, with more than 11,000 battery storage systems installed to-date. The problem is, it’s not reaching the state’s most vulnerable communities. A new proposal from the California Public Utilities Commission (CPUC) aims to fix some of the barriers preventing disadvantaged communities from participating in the program, and it allocates $100 million to a new program designed to offset the cost of battery storage systems for populations threatened by wildfires and related utility power shutoffs.

Global investment in clean energy slumped 15 percent in the first quarter to the lowest level in two years because of a decline in wind and utility-scale projects.

Construction resumed Oct. 4 on tunnel works after a brief work stoppage that began on Sept. 28 at the 20-MW Lower Modi Khola run-of-river hydropower facility.
 

Idaho Power unveiled a goal Tuesday to provide 100-percent clean energy by 2045 on the heels of an announcement that it will purchase 120-MW of solar energy through a PPA with Jackpot Holdings at a price of less than US $0.022 cents per kWh.

This week energy storage maker ESS Inc said that it had deployed an Energy Warehouse (EW) long-duration flow battery system at Marine Corps Base Camp Pendleton in San Diego, California.

On Monday, Portland-Oregon-based flow battery manufacturer ESS announced that it has joined Power Africa, a U.S. government-led partnership coordinated by the U.S. Agency for International Development (USAID), as a private sector partner. ESS is the program’s first flow battery partner.

8minute Solar Energy, NV Energy and the Moapa Band of Paiutes announced that NV Energy selected 8minute to develop the largest solar plus storage project ever built in Nevada and one of the largest in the world.

In late 2018, I put out the call to see how many fellow energy nerds I could gather to indulge me in combining my passion for energy analysis and clean power policy with my love of fantasy sports. By the end of January 2019, I had my cast of characters who somehow thought this idea was as fun as I did (isn’t the Internet the greatest tool for finding people who share your interests?) and I released my Draft Preview. Coordinating this draft among 14 different teams with different time zones and schedules chock-full of actually helping to save the planet proved no easy task, but by the end of March we had conducted 5 rounds of picks for a total of 70 selections in this Inaugural Fantasy Energy League!

California’s energy storage incentive program has been a great success, with more than 11,000 battery storage systems installed to-date. The problem is, it’s not reaching the state’s most vulnerable communities. A new proposal from the California Public Utilities Commission (CPUC) aims to fix some of the barriers preventing disadvantaged communities from participating in the program, and it allocates $100 million to a new program designed to offset the cost of battery storage systems for populations threatened by wildfires and related utility power shutoffs.

Presentation by Russell Nowland of CommScope

Presentation by Jason Fullerton of ACI Technologies, Inc.

Presentation by Jasbir Bath of Christopher Associates.

The European Union needs an ambitious emissions-reduction goal, targets for energy- efficiency and renewables as well as tools to foster investment under its planned 2030 policies, an advisory panel to 14 ministers said.

The Brazilian government is seeking to award contracts in an auction tomorrow for natural gas- and coal-fueled power plants, reversing a drive that previously favored renewable-energy projects. It would lead to the first new thermal plants in three years, after the government scaled back such projects and awarded wind contracts starting in 2009 and solar energy earlier this year.

A new report by utility and finance experts contains positive news for the environment, our air and our (and our utilities’) pocketbooks — the economics of electric power resources have made zero-emissions energy efficiency and renewable energy technologies the most financially attractive options to meet the nation’s future energy demands.

The California Energy Commission (CEC) and U.S. Navy (USN) are teaming up to spur deployment of grid-integrated local renewable energy resources and advanced energy storage solutions. On December 1, Imergy Power Systems announced that its ESP30 series vanadium-flow batteries will be used in a CEC-sponsored Smart Microgrid project hosted by the Navy at its Mobile Utilities Support Equipment (MUSE) Facility in Port Hueneme, California.

The recent dramatic plunge in oil and natural gas prices, to their lowest level since the global recession in 2009, has some observers worried about the effect on clean tech. Conventional wisdom has it that renewables have a tougher time competing when fossil fuels are cheap, making grid parity (in the case of natural gas-fired electricity) more elusive for solar and wind power.

For many mining companies, the rallying cry for investigating solar or wind energy options has been that the price of oil and other conventional fuels is too high — and will almost certainly rise over time. Now, though, with oil prices having taken a dramatic nosedive, this argument no longer packs quite the same punch that it once did.

The first round of the Contracts for Difference (CfD) programme — the UK scheme that is designed to support low-carbon generation and a capacity margin in the energy sector — has concluded. Contracts were offered to 27 renewable electricity projects with a total value of some £315 million (US$500 million), which include two offshore wind farms with a total planned capacity of more than 1.1 GW, 15 onshore wind projects and five solar projects. In total, more 2 GW of new low-carbon capacity (including renewables, nuclear and carbon capture and storage) could be built under the CfD scheme.