Fundamental of Windows

Part of the Advances in Information Security book series (ADIS, volume 44)

Programs are tightly coupled with the operating system. So for reversing of binaries it becomes important to understand the principles and features of operating system. Some of the features which are discussed in this chapter are, virtual memory, portability, multithread, multiprocessor capability, security and compatibility. Windows NT is a 32-bit computing environment however, the current operating system also support 64-bit versions. Windows NT was a combination of C and C++, so it can be recompiled to run on different processors. It is also a fully pre-emptive multithreaded system. Windows NT also provides support for multiprocessor capability. This makes Windows NT suited for high performance computing. In Windows NT every object has an access control list, which determines which users are allowed to manipulate the objects. In terms of security, Vista provides Address Space layout randomization (ASLR). ASLR involves randomly arranging the positions of key data areas. This includes the base of the executable and position of libraries, heap, and stack, in a process's address space. ASLR is effective in prevention against the buffer overflow exploits. Access Control List is provided for each file for windows NT. It supports encryption for each file. Windows NT is compatible with the older version of applications executing on a 16-bit platform. The chapter discusses these points in detail.


Main Memory Application Programming Interface Address Space Memory Management Kernel Mode 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag US 2009

Authors and Affiliations

  1. 1.Microsoft CorporationRedmondUSA

Personalised recommendations