Get the definitive guide to writing more-secure code for Windows Vista—from the authors of the award-winning Writing Secure Code, Michael Howard and David LeBlanc. This reference is ideal for developers who understand the fundamentals of Windows programming and APIs. It complements Writing Secure Code, examining the delta between Windows XP and Windows Vista security. You get first-hand insights into design decisions, lessons learned from Windows Vista development, and practical advice for solving real-world security issues.
Discover how to:
  Develop applications to run without administrator privileges
  Apply best practices for using integrity controls
  Help protect your applications with ASLR, NX, and SafeSEH
  Evaluate authentication, authorization, and cryptography enhancements in Windows Vista
  Write services that restrict privileges and tokens—and sidestep common problems
  Learn how Windows Internet Explorer 7 defenses and new security features affect your development efforts
PLUS—Get Microsoft Visual C#, Visual C++, and C code samples on the Web
Chapter 1 Code Quality
  The Windows Vista Quality Gates
  All C/C++ String Buffers Annotated with SAL
  Banned APIs Are Removed from the Codebase
  Banned Cryptography Removed from the Codebase
  Static Analysis Used to Find and Fix Bugs
  Unmanaged C/C++ Compiled with /GS and Linked with /SafeSEH, /DynamicBase, and /NXCompat
  Call to Action
  References
Chapter 2 User Account Control, Tokens, and Integrity Levels
  User Account Control in Depth
  User Interface Considerations
  Virtualization
  Integrity Levels
  Debugging Application Compatibility Issues in Windows Vista
  The Importance of Code Signing
  Privileges New to Windows Vista
  Call to Action
  References
Chapter 3 Buffer Overrun Defenses
  ASLR
  Stack Randomization
  Heap Defenses
  NX
  /GS
  SafeSEH
  Summary
  Call to Action
  References
Chapter 4 Networking Defenses
  IPv6 Overview
  Network List Manager
  The Windows Vista RSS Platform
  Winsock Secure Socket Extensions
  Windows Firewall with Advanced Security
  Call to Action
  References
Chapter 5 Creating Secure and Resilient Services
  Services Overview
  Service Accounts
  Reducing Privileges
  Controlling Network Access
  Communicating with the Desktop
  Lessons from the School of Hard Knocks
  Call to Action
  References
Chapter 6 Internet Explorer 7 Defenses
  Pervasive Defenses
  cURL and the IUri Interface
  Lock Your ActiveX Control
  Other Things You Should Know About Internet Explorer 7
  Call to Action
  References
Chapter 7 Cryptographic Enhancements
  Kernel Mode and User Mode Support
  Crypto-Agility
  New Algorithms in CNG
  Using CNG
  CNG and FIPS
  Improved Auditing
  Something Missing from CNG
  SSL/TLS Improvements
  Root Certificates in Windows Vista
  Deprecated Crypto Features in Windows Vista
  Call to Action
  References
Chapter 8 Authentication and Authorization
  Windows CardSpace and Information Cards
  Graphical Identification and Authorization (GINA) Changes
  Owner SID Changes
  Call to Action
  References
Chapter 9 Miscellaneous Defenses and Security-Related Technologies
  Adding Parental Controls Support to Your Application
  Windows Defender APIs
  New Credential User Interface API
  Use the Security Event Log
  Pointer Encoding
  Kernel Mode Debugging Issues
  Programming the Trusted Platform Module (TPM)
  Windows SideBar and Gadget Security Considerations
Michael Howard, CISSP, is a leading security expert. He is a senior security program manager at Microsoft and the coauthor of The Software Security Development Lifecycle. Michael has worked on Windows security since 1992 and now focuses on secure design, programming, and testing techniques. He is the consulting editor for the Secure Software Development Series of books by Microsoft Press.
David LeBlanc, Ph.D., is a founding member of the Trustworthy Computing Initiative at Microsoft. He has been developing solutions for computing security issues since 1992 and has created award-winning tools for assessing network security and uncovering security vulnerabilities. David is a senior developer in the Microsoft Office Trustworthy Computing group.