Windows Internals, Part 1

Windows Internals, Part 1: System architecture, processes, threads, memory management, and more

4.37 (135 ratings by Goodreads)


The definitive guide, fully updated for Windows 10 and Windows Server 2016

Delve inside Windows architecture and internals, and see how core components work behind the scenes. Led by a team of internals experts, this classic guide has been fully updated for Windows 10 and Windows Server 2016.

Whether you are a developer or an IT professional, you'll get critical, insider perspectives on how Windows operates. And through hands-on experiments, you'll experience its internal behavior firsthand: knowledge you can apply to improve application design, debugging, system performance, and support.

This book will help you:

  • Understand the Windows system architecture and its most important entities, such as processes and threads
  • Examine how processes manage resources and threads scheduled for execution inside processes
  • Observe how Windows manages virtual and physical memory
  • Dig into the Windows I/O system and see how device drivers work and integrate with the rest of the system
  • Go inside the Windows security model to see how it manages access, auditing, and authorization, and learn about the new mechanisms in Windows 10 and Server 2016

Product details

  • Paperback | 800 pages
  • 150 x 250 x 15mm | 666g
  • Microsoft Press,U.S.
  • Redmond, United States
  • English
  • 7th edition
  • 0735684189
  • 9780735684188
  • 68,800

About Pavel Yosifovich

Pavel Yosifovich is a developer, trainer, and author specializing in Microsoft technologies and tools. He is a Microsoft MVP and a Pluralsight author, and loves all things software. Pavel has been around since the days of 8-bit machines and still looks back fondly on his programming days on his Commodore 64.

Alex Ionescu is Vice President of EDR Strategy at CrowdStrike and an internationally recognized expert in low-level system software, operating system research and kernel development, security training, and reverse engineering. He teaches Windows Internals courses around the world and is active in the security research community through conference talks and bug bounty programs.

Mark Russinovich is Chief Technology Officer for Microsoft Azure, Microsoft's global enterprise-grade cloud platform. Mark is a widely recognized expert in distributed systems and operating systems. He co-founded Winternals Software and joined Microsoft in 2006 when it was acquired. He is the primary author of the Sysinternals tools and website, which include dozens of popular Windows administration and diagnostic utilities.

David Solomon (retired) taught Windows kernel internals for 20 years to developers and IT professionals worldwide, including at Microsoft. His first book was Windows NT for OpenVMS Professionals. He then authored Inside Windows NT, 2nd edition, and later, with Mark Russinovich, coauthored the 3rd, 4th, 5th, and 6th editions of the Windows Internals series. David has spoken at many Microsoft conferences and was a recipient of the 1993 and 2005 Microsoft Support Most Valuable Professional (MVP)

Table of contents

Chapter 1: Concepts and tools

  • Windows operating system versions
  • Foundation concepts and terms
  • Digging into Windows internals
  • Conclusion

Chapter 2: System architecture

  • Requirements and design goals
  • Operating system model
  • Architecture overview
  • Virtualization-based security architecture overview
  • Key system components
  • Conclusion

Chapter 3: Processes and jobs

  • Creating a process
  • Process internals
  • Protected processes
  • Minimal and Pico processes
  • Trustlets (secure processes)
  • Flow of CreateProcess
  • Terminating a process
  • Image loader
  • Jobs
  • Conclusion

Chapter 4: Threads

  • Creating threads
  • Thread internals
  • Examining thread activity
  • Thread scheduling
  • Group-based scheduling
  • Worker factories (thread pools)
  • Conclusion

Chapter 5: Memory management

  • Introduction to the memory manager
  • Services provided by the memory manager
  • Kernel-mode heaps (system memory pools)
  • Heap manager
  • Virtual address space layouts
  • Address translation
  • Page fault handling
  • Stacks
  • Virtual address descriptors
  • NUMA
  • Section objects
  • Working sets
  • Page frame number database
  • Physical memory limits
  • Memory compression
  • Memory partitions
  • Memory combining
  • Memory enclaves
  • Proactive memory management (SuperFetch)
  • Conclusion

Chapter 6: I/O system

  • I/O system components
  • Interrupt Request Levels and Deferred Procedure Calls
  • Device drivers
  • I/O processing
  • Driver Verifier
  • The Plug and Play manager
  • General driver loading and installation
  • The Windows Driver Foundation
  • The power manager
  • Conclusion

Chapter 7: Security

  • Security ratings
  • Security system components
  • Virtualization-based security
  • Protecting objects
  • The AuthZ API
  • Account rights and privileges
  • Access tokens of processes and threads
  • Security auditing
  • AppContainers
  • Logon
  • User Account Control and virtualization
  • Exploit mitigations
  • Application Identification
  • AppLocker
  • Software Restriction Policies
  • Kernel Patch Protection
  • PatchGuard
  • HyperGuard
  • Conclusion

Rating details

135 ratings
4.37 out of 5 stars
5 51% (69)
4 39% (52)
3 8% (11)
2 1% (2)
1 1% (1)
Book ratings by Goodreads