P

page files, creating, 106

Paget, Chris, 110

parental controls, 163, 164

“block file downloads,” enabling, 166

code for, 165

error 450, 166

filtering, turning off, 166–167

logging events, 167

time limits, 165–166

parsing, URL, 130–131

password-based key derivation, 144, 154

password management, and local user accounts, 99

password security, and Information Card, 152

password theft, 153–154

patents, 151

PCT (Private Communication Technology), 132–133

peer-to-peer functionality, 75

phishing attacks, 152

CardSpace and, 153–156

PID (process identity), 15

PIN protection, and Information Cards, 154

Pincus, Jon, 49

pipe server attacks, 115–116

pipes

handling code, sample, 114–115

integrity levels and, 41

named, 112–116

pointers

C/C++, 3–4, 172, 173–175

dangling, 55

encoded/encoding, 54, 163, 172–175

exception handling, 71

function, 54, 58

long-lived, 163, 172

m_data, 173

m_dest, 173

null, 56–57, 174–175

policy setting, cipher suites, 144–145

port connections, and firewalls, 91–92

port-restricted cone NATS, 80

PostMessage, 24

PostQueuedCompletionStatus, 114

Power Users, and access, 13–14

PowerShell, and credentials/consent prompts, 25

PREfast analysis tool, 9

primary process token

assigning, 104

creating, 105

Private Communication Technology (PCT), 132–133

privilege warnings, 43

privileges

benign, 106–107

date and time, 25

Debug, 17, 43

high-level, 104–106

integrity levels and, 37, 40, 45

new to Windows Vista, 44–45

reducing, 102–107

process elevation, determination of, 20–22

Process Explorer, 17

and integrity levels, 34

process identity (PID), 15

process priority, base, changing, 107

process warnings, 43–44

process working set, increasing, 45

processes, virtualized, finding, 29–30

profiling information, acquiring, 107

Program File directory, access to, 13, 28, 29, 45–46

Protected Mode, Internet Explorer, 40, 41–42, 124–126

providers, CNG, 137–138