Writing Secure Code for Windows Vista (Best Practices (Microsoft))
Writing Secure Code for Windows Vista (Best Practices (Microsoft))
ISBN: 0735623937
EAN: 2147483647
EAN: 2147483647
Year: 2004
Pages: 122
Pages: 122
Authors: Michael Howard, David LeBlanc
- Table of Contents
- Back Cover
- Writing Secure Code for Windows Vista
- Foreword
- Introduction
- Target Audience
- How does this Book Relate to Writing Secure Code?
- How to Read This Book
- Getting Started with the Code in this Book
- Whats on the Companion Web Site?
- System Requirements
- Microsoft Press Support
- Chapter 1: Code Quality
- The Windows Vista Quality Gates
- All CC String Buffers Annotated with SAL
- Banned APIs are Removed from the Codebase
- Banned Cryptography Removed from the Codebase
- Static Analysis Used to Find and Fix Bugs
- Unmanaged CC Compiled with GS and Linked with SafeSEH, DynamicBase, and NXCompat
- Call to Action
- References
- Chapter 2: User Account Control, Tokens, and Integrity Levels
- User Account Control in Depth
- User Interface Considerations
- Virtualization
- Integrity Levels
- Debugging Application Compatibility Issues in Windows Vista
- The Importance of Code Signing
- Privileges New to Windows Vista
- Call to Action
- References
- Chapter 3: Buffer Overrun Defenses
- ASLR
- Stack Randomization
- Heap Defenses
- NX
- GS
- SafeSEH
- Summary
- Call to Action
- References
- Chapter 4: Networking Defenses
- IPv6 Overview
- Network List Manager
- The Windows Vista RSS Platform
- Winsock Secure Socket Extensions
- Windows Firewall with Advanced Security
- Call to Action
- References
- Chapter 5: Creating Secure and Resilient
- Service Accounts
- Reducing Privileges
- Controlling Network Access
- Communicating with the Desktop
- Lessons from the School of Hard Knocks
- Call to Action
- References
- Chapter 6: Internet Explorer 7 Defenses
- Pervasive Defenses
- cURL and the IUri Interface
- Lock Your ActiveX Control
- Other Things You Should Know About Internet Explorer 7
- Call to Action
- References
- Chapter 7: Cryptographic Enhancements
- Kernel Mode and User Mode Support
- Crypto-Agility
- New Algorithms in CNG
- Using CNG
- CNG and FIPS
- Improved Auditing
- Something Missing from CNG
- SSLTLS Improvements
- Root Certificates in Windows Vista
- Deprecated Crypto Features in Windows Vista
- Call to Action
- References
- Chapter 8: Authentication and Authorization
- Graphical Identification and Authorization (GINA) Changes
- Owner SID Changes
- Call to Action
- References
- Chapter 9: Miscellaneous Defenses and Security-Related Technologies
- Adding Parental Controls Support to Your Application
- The 450 Error
- Windows Defender APIs
- New Credential User Interface API
- Use the Security Event Log
- Pointer Encoding
- Kernel Mode Debugging Issues
- Programming the Trusted Platform Module (TPM)
- Windows SideBar and Gadget Security Considerations
- References
- Index
- A
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X
- List of Figures
- List of Tables
- List of Sidebars
Writing Secure Code for Windows Vista (Best Practices (Microsoft))
ISBN: 0735623937
EAN: 2147483647
EAN: 2147483647
Year: 2004
Pages: 122
Pages: 122
Authors: Michael Howard, David LeBlanc