Windows Internals, Part 1

by ; ;
  • ISBN13:


  • ISBN10:


  • Edition: 6th
  • Format: Paperback
  • Copyright: 2012-03-15
  • Publisher: Microsoft Press
  • View Upgraded Edition
  • Purchase Benefits
  • Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • Get Rewarded for Ordering Your Textbooks! Enroll Now
List Price: $44.99 Save up to $1.80
  • eBook
    Add to Cart


Supplemental Materials

What is included with this book?

  • The eBook copy of this book is not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.


Delve inside Windows architecture and internalsguided by a team of internationally renowned internals experts. Fully updated for Windows 7 and Windows Server 2008 R2, this classic guide delivers key architectural insights on system design, debugging, performance, and supportalong with hands-on experiments to experience Windows internal behavior firsthand. See how Windows components work behind the scenes: Understand how the core system and management mechanisms work Explore internal system data structures using tools like the kernel debugger Go inside the Windows security model to see how it authorizes access to data Understand how Windows manages physical and virtual memory Tour the Windows networking stack from top to bottom Troubleshoot file-system access problems and system boot problems Learn how to analyze crashes

Author Biography

Alex Ionescu is a chief software architect and consultant expert in low-level system software, kernel development, security training, and reverse engineering. He teaches Windows internals course with David Solomon, and is active in the security research community.

Table of Contents

Structure of the Book
History of the Book
Sixth Edition Changes
Hands-on Experiments
Topics Not Covered
A Warning and a Caveat
Errata & Book Support
We Want to Hear from You
Stay in Touch
Concepts and Tools
Windows Operating System Versions
Foundation Concepts and Terms
Digging into Windows Internals
System Architecture
Requirements and Design Goals
Operating System Model
Architecture Overview
Key System Components
System Mechanisms
Trap Dispatching
Object Manager
System Worker Threads
Windows Global Flags
Advanced Local Procedure Call
Kernel Event Tracing
User-Mode Debugging
Image Loader
Hypervisor (Hyper-V)
Kernel Transaction Manager
Hotpatch Support
Kernel Patch Protection
Code Integrity
Management Mechanisms
The Registry
Unified Background Process Manager
Windows Management Instrumentation
Windows Diagnostic Infrastructure
Processes, Threads, and Jobs
Process Internals
Protected Processes
Flow of CreateProcess
Thread Internals
Examining Thread Activity
Worker Factories (Thread Pools)
Thread Scheduling
Processor Share-Based Scheduling
Dynamic Processor Addition and Replacement
Job Objects
Security Ratings
Security System Components
Protecting Objects
The AuthZ API
Account Rights and Privileges
Access Tokens of Processes and Threads
Security Auditing
User Account Control and Virtualization
Application Identification (AppID)
Software Restriction Policies
Windows Networking Architecture
Networking APIs
Multiple Redirector Support
Distributed File System Namespace
Distributed File System Replication
Offline Files
Name Resolution
Location and Topology
Protocol Drivers
NDIS Drivers
Layered Network Services
About The Authors
More Resources for Developers
Microsoft Press® books
Find the Right Resource for You
Table of Contents provided by Publisher. All Rights Reserved.

Rewards Program

Write a Review