Server 2008
Solomon+Russinovich-Ionescu Interview
Channel 9 interviewed David Solomon and Mark Russinovich, co-authors (along with Alex Ionescu) of Windows Internals 5th Edition. Solomon describes how both of them started to collaborate on an earlier edition of the book way back when. Here it is.
What is fileinfo.sys?
I like knowing what does what on the system at a binary level. Windows is getting bigger and bigger with every release, so it is becoming increasingly difficult to keep track of all the things that Microsoft is building into Windows. I have learnt a lot over the years by asking a simple question like [...]
Vista/2008 Service Pack 2 is out
Microsoft has made Windows Vista and Windows Server 2008 Service Pack 2 (Build 6.0.6002.18005) available for public download. You can get the x86 stand-alone installer (348.3 MB) from here and the x64 SP2 (577.4 MB) from here.
Vista Security Internals
I came across Michael Muckin’s paper titled Windows Vista Security Internals in the Blackhat archives recently. The paper begins with an introduction to Vista logon/security architecture changes vis-a-vis Windows XP and goes on to the Vista crypto architecture (CNG, BCrypt, NCrypt). The paper ends with an analysis of Vista SP1 changes in the lsasrv.dll functions LsaInitializeProtectedMemory and LsaEncryptMemory, two functions involved in [...]
Device object reference counting
A device in Windows can be thought of as representing a piece of hardware such as a hard disk or a network card. But devices do not need to be hardware and can be a higher-level software construct (such as a volume device that represents a volume such as C:\, D:\ etc.) or may be a software-only construct [...]
Launching a non-child process
When a process launches a child process, it becomes the parent of the child process. That is the default behaviour. In Vista, however, a process can launch a process as a child of yet another process. This facility is used by User Account Control (UAC) when elevated processes are launched by the AppInfo service to look [...]
