The Old New Thing

Code - The Old New Thing

Session 0 isolation: Where backward compatibility loses to security

May 8, 2007 May 8, 2007 05/8/07
Raymond Chen
One of the major changes to services in Windows Vista is session 0 isolation. After reading the summary, you can follow that first supplementary link, Impact of Session 0 Isolation on Services and Drivers in Windows Vista, to dig deeper and receive guidance on how you need to modify your service. Then again, some of the questions I see ...

How my lack of understanding of how processes exit on Windows XP forced a security patch to be recalled

May 4, 2007 May 4, 2007 05/4/07
Raymond Chen
Last year, a Windows security update got a lot of flack for causing some machines to hang, and it was my fault. (This makes messing up a demo at the Financial Analysts Meeting look like small potatoes.) The security fix addressed a category of attacks wherein people could construct shortcut files or other items which specified a CLSID that was...

The old-fashioned theory on how processes exit

May 2, 2007 May 2, 2007 05/2/07
Raymond Chen
Life was simpler back in the old days. Back in the old days, processes were believed to be in control of their threads. You can see this in the "old fashioned" way of exiting a process, namely by exiting all the threads. This method works only if the process knows about all the threads running in it and can get each one to clean up when it's ...

The default verb is not necessarily "open"

April 30, 2007 Apr 30, 2007 04/30/07
Raymond Chen
If you hunt around the Internet you'll find lots of people† who hard-code the string as the second parameter to the function, indicating that they want to open the document specified as the third parameter. While that's a nice thing to want to do, it might not be the right thing. When the user double-clicks a document, the shell ...

Stupid debugger tricks: Calling functions and methods

April 27, 2007 Apr 27, 2007 04/27/07
Raymond Chen
Back in the old days, if you wanted to call a function from inside the debugger, you had to do it by hand: Save the registers, push the parameters onto the stack (or into registers if the function uses or ) push the address of the function, move the instruction pointer to the start of the function you want to call, then hit "g" to resume ...

The format of bitmap resources

April 20, 2007 Apr 20, 2007 04/20/07
Raymond Chen
The next entry in the continuing sporadic series on resource formats is the bitmap. You thought accelerator tables were simple; bitmaps are even simpler. A bitmap resource takes the same form as a file, except that there is no . That's all...

What is the default version of the shell common controls?

April 12, 2007 Apr 12, 2007 04/12/07
Raymond Chen
It depends on what you mean by default. As we saw earlier, the convention for Windows header files is that if you don't specify a particular version, then you get the most recent version. The shell common controls header file follows this convention, so if you include the Windows XP version of , you get functions, messages, and ...