Writing Secure Code for Windows Vista
Published on 11. April 2007
Book
Paperback/Softback
224 pages
978-0-7356-2393-4 (ISBN)
Description
Get the definitive guide to writing more-secure code for Windows Vista-from the authors of the award-winning Writing Secure Code, Michael Howard and David LeBlanc. This reference is ideal for developers who understand the fundamentals of Windows programming and APIs. It complements Writing Secure Code, examining the delta between Windows XP and Windows Vista security. You get first-hand insights into design decisions, lessons learned from Windows Vista development, and practical advice for solving real-world security issues.
Discover how to:
Develop applications to run without administrator privileges
Apply best practices for using integrity controls
Help protect your applications with ASLR, NX, and SafeSEH
Evaluate authentication, authorization, and cryptography enhancements in Windows Vista
Write services that restrict privileges and tokens-and sidestep common problems
Learn how Windows Internet Explorer 7 defenses and new security features affect your development efforts
PLUS-Get Microsoft Visual C#, Visual C++, and C code samples on the Web
Discover how to:
Develop applications to run without administrator privileges
Apply best practices for using integrity controls
Help protect your applications with ASLR, NX, and SafeSEH
Evaluate authentication, authorization, and cryptography enhancements in Windows Vista
Write services that restrict privileges and tokens-and sidestep common problems
Learn how Windows Internet Explorer 7 defenses and new security features affect your development efforts
PLUS-Get Microsoft Visual C#, Visual C++, and C code samples on the Web
More details
Persons
David LeBlanc, Ph.D., is a founding member of the Trustworthy Computing Initiative at Microsoft. He has been developing solutions for computing security issues since 1992 and has created award-winning tools for assessing network security and uncovering security vulnerabilities. David is a senior developer in the Microsoft Office Trustworthy Computing group.
Content
Chapter 1: Code Quality Chapter 2: User Account Control, Tokens, And Integrity Levels Chapter 3: Buffer Overrun Defenses Chapter 4: Networking Defenses Chapter 5: Creating Secure And Resilient Services Chapter 6: Internet Explortr 7 Defenses Chapter 7: Cryptographic Enhancements Chapter 8: Authentication And Authorization Chapter 9: Miscellaneous Defenses And Security-Related Technologies