New update to WinDbg was released on February 6, 2009. Get It Here.

Changes:

Numerous bug fixes and documentation updates
Numerous updates to improve 1394 debugging (see relnotes.txt for details)
support using ..process /p .. in kd -kl, so you can see user mode memory in the appropriate process context (which means user mode stacks, !peb, etc.)

The papers and presentations from Blackhat 2009 are becoming available as we speak. They can be found HERE. I plan to devour and comment on some of them this week... (assuming I get the time).

I just read a new blog post on the The Top Ten Vulnerability Discoverers of All Time - by Gunter Ollman at the Frequency X Blog. I have the utmost respect for the X-Force folks, many of the best researchers and security practitioners in the world today have come from this camp over the course of the last 15+ years. And to be completely honest, I understand why this information would be of interest to the blog readers (I probably would have published it as well had I owned it). However, I hate what it represents...

At one point in history, vulnerability research and discovery was about fixing the bugs and stopping the bad guys from abusing the holes. Somewhere along the line it became a game of "I'm cooler... I found the most interesting flaw!". And finally, as if that wasn't bad enough, it appears as if the latest bragging right is "I found the MOST flaws!". My thoughts on this is.. "Who Cares?!". Let's get back to fixing things because it's the right thing to do. Let's get back to working with the vendors to make the computing world safer. Let's stop worrying about flaw counts and who's the most uber. Sadly.. I don't think we can go back in time - R.I.P. the good old days.