Building Windows (7) Applications Microsoft ® Corporation.

Building Windows (7) ApplicationsMicrosoft® Corporation

Microsoft Confidential

Few Changes: Most software that runs on Windows Vista will run on Windows 7 - exceptions will be low level code (AV,

Firewall, Imaging, etc). Hardware that runs Windows Vista well will run Windows 7 well.

Windows 7Windows 7

Few Changes: Focus on quality and reliability improvements

Deep Changes: New models for security, drivers, deployment, and

networking


// Determine which dll to loadif (!GetVersionEx(&osvi)) { return FALSE; }if (osvi.dwMajorVersion >= 5 && osvi.dwMinorVersion >= 1) {

// XP and newer OS, use Apphelp lpwzDll = L"Apphelp.dll";

} else if (osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 0) {

// Windows 2000, use sdbapiu lpwzDll = L“SdbApiu.dll";

} else {// Older Version, use sdbapilpwzDll = L“SdbApi.dll";}

return LoadLibraryFromSystem32(lpwzDll);


HMODULE hMod; hMod = LoadLibrary(L"Apphelp.dll");if (hMod) return hMod; hMod = LoadLibrary(L"sdbapiu.dll");if (hMod) return hMod; hMod = LoadLibrary(L"sdbapi.dll");if (hMod) return hMod;


// Get module handleHMODULE hKernel32Module = GetModuleHandle(_T("kernel32.dll"));// Get Address of functionSetWaitableTimerExProc pFn = (SetWaitableTimerExProc)GetProcAddress(hKernel32Module, "SetWaitableTimerEx");

if (pFn != NULL)pFn(hTimer, &liDueTime,

1000, NULL, NULL,&reasonContext, 1000);

Not Allowed

•Install applications•Change system components•Change per machine settings•Admin “privileges”

Allowed

• Run most applications• Change per user settings

Filtered Token

Admin Token

Abby

Admin Token

AppAdmin Token

Filtered Token

AppFiltered TokenChild App

Filtered Token

• Administrative and standard user processes share the same desktop

• Process Isolation mechanisms– Integrity level for processes– UI Privilege Isolation

• “Lower” cannot interfere with “Higher”

User ProcessMIC = MediumUser Process

MIC = Medium

Admin AppMIC = HighAdmin AppMIC = High

• All processes gets a MIC level• All resources get a MIC level• There are four levels:

Medium (Default)Medium (Default)

LowLow

Write

Write

Medium Process(Default)

Low Process(Protected Mode IE)

Read

Read

ReadRead

Read

Read

Medium (Default)Medium (Default)

LowLow

Write

Write

Low Process(PMIE)

Write

Write

SendMessage

SendMessage


Low Process(PMIE)

SendMessage

SendMessage

SendMessageSendMessage

SendMessageSendMessage


Low Process(PMIE)

Luafv.sysLuafv.sys

Ntfs.sysNtfs.sys

Legacy Legacy applicationapplication

User modeUser mode

Kernel modeKernel mode

\Windows\App.ini\Windows\App.ini

\Users\<user>\AppData\Local\\Users\<user>\AppData\Local\VirtualStore\Windows\App.iniVirtualStore\Windows\App.ini

Windows Windows VistaVista®®

applicationapplication

\Windows\App.ini\Windows\App.ini

Access Access DeniedDenied

Session 0

Window StationDesktop

Screen Saver

Login

Services

1st User’sWindow

1st User’sWindow

1st User’sWindow

Shatter AttackShatter Attack


Service

Service

Session 1


Screen Saver

Login

1st User’sWindow

1st User’sWindow

1st User’sWindow

Secure

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after

the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Building Windows (7) Applications Microsoft ® Corporation.

Documents

Transcript of Building Windows (7) Applications Microsoft ® Corporation.