Mark Russinovich - Böcker

The definitive guide to modern Windows internals: new coverage of virtualization, file systems, boot, security, and more.

For advanced computing professionals, this is the definitive up-to-date guide to how Windows core components behave “under the hood.” Using it, experienced developers can build more powerful and scalable software, administrators can debug complex system and performance problems, and security researchers can harden their systems. This Seventh Edition is fully updated through the May 2021 (21H1/2104) updates to Windows 10 and Windows Server (2022, 2019, and 2016). It adds extensive content on Hyper-V, plus fully rewritten chapters on the boot process, new storage technologies, and Windows system and management mechanisms. As always, it delivers unparalleled insight based on insider access to Microsoft source code, with hands-on experiments using the latest debugging tools to show you Windows’ internal behaviors firsthand. With Windows 11 introducing new user interface design elements that build upon the same core technologies as Windows 10, readers will be well-prepared for this new chapter of computing.

Leading Windows insiders help you:

• Discover system mechanisms for serving device drivers and applications, including ALPC, Object Manager, synchronization, WNF, WoW64, and the processor execution model

• Explore underlying hardware architecture, including trap processing, segmentation, and side channel vulnerabilities

• Understand Windows virtualization, and how virtualization-based security (VBS) protects against OS vulnerabilities

• Delve into key management and configuration mechanisms, including the Registry, Windows services, WMI, and Task Scheduling

• Explore diagnostic services such as Event Tracing for Windows (ETW) and DTrace

• Learn how the cache manager and file system drivers interact to provide reliable support for files, directories, and disks, including on Persistent Memory (NVDIMM) DAX devices.

• Understand NTFS, ReFS, and other Windows file systems

• Review Windows startup/shutdown operations, and OS components involved in boot flow

• Analyze UEFI-based Secure Boot, Measured Boot, and Secure Launch

About This Book

• For experienced programmers, architects, software quality and performance specialists, administrators, security practitioners, and support professionals

• Assumes you are a Windows power user

Delve inside Windows architecture and internals—and see how core components work behind the scenes. Led by three renowned internals experts, this classic guide is fully updated for Windows 7 and Windows Server 2008 R2—and now presents its coverage in two volumes.

As always, you get critical insider perspectives on how Windows operates. And through hands-on experiments, you’ll experience its internal behavior firsthand—knowledge you can apply to improve application design, debugging, system performance, and support.

In Part 2, you’ll examine:

The definitive guide–fully updated for Windows 10 and Windows Server 2016

Delve inside Windows architecture and internals, and see how core components work behind the scenes. Led by a team of internals experts, this classic guide has been fully updated for Windows 10 and Windows Server 2016.

Whether you are a developer or an IT professional, you’ll get critical, insider perspectives on how Windows operates. And through hands-on experiments, you’ll experience its internal behavior firsthand–knowledge you can apply to improve application design, debugging, system performance, and support.

This book will help you:

· Understand the Window system architecture and its most important entities, such as processes and threads

· Examine how processes manage resources and threads scheduled for execution inside processes

· Observe how Windows manages virtual and physical memory

· Dig into the Windows I/O system and see how device drivers work and integrate with the rest of the system

· Go inside the Windows security model to see how it manages access, auditing, and authorization, and learn about the new mechanisms in Windows 10 and Server 2016

Optimize Windows system reliability and performance with Sysinternals

IT pros and power users consider the free Windows Sysinternals tools indispensable for diagnosing, troubleshooting, and deeply understanding the Windows platform. In this extensively updated guide, Sysinternals creator Mark Russinovich and Windows expert Aaron Margosis help you use these powerful tools to optimize any Windows system’s reliability, efficiency, performance, and security. The authors first explain Sysinternals’ capabilities and help you get started fast. Next, they offer in-depth coverage of each major tool, from Process Explorer and Process Monitor to Sysinternals’ security and file utilities. Then, building on this knowledge, they show the tools being used to solve real-world cases involving error messages, hangs, sluggishness, malware infections, and much more.

Windows Sysinternals creator Mark Russinovich and Aaron Margosis show you how to: