New Book: Writing Secure Code for Windows Vista
Even though we (kinda) promised our wives we wouldn’t do it, David LeBlanc and I have just wrapped up another book, Writing Secure Code for Windows Vista. (ISBN: 9780735623934, ISBN-10: 0-7356-2393-7.)
It should be available around mid-April 2007.
It’s a short book, around 230pp, and covers many of the defenses we built into Windows Vista and explains how you can take advantage of them in your own software. I think everyone knows that security is as strong as the weakest link, and it’s critical that applications that run on Windows Vista be as secure as possible, and that means taking advantage of the defenses we offer.
It’ always a pleasure working with David and this is the fourth book we’ve written together. First, he’s a great writer and produces quality prose (most of the time!) on time (sometimes :) and high-quality code samples. Second, we counter-balance each other, David works in the Office team, so he’s a Windows consumer, and I work in the Windows division. This means David can see things I just don’t see because I’m so close to the product – after all, Windows components only run on one Windows version at a time, and Office typically runs on three different versions of Windows - I believe that both viewpoints are critical for readers of the book. He also catches most of the bugs in my code.
Here’s the table of contents.
Chapter 1 Code Quality
Chapter 2 User Account Control, Integrity Levels, and Tokens
Chapter 3 Buffer Overrun Defenses
Chapter 4 Taking Advantage of Network Security Features and Defenses
Chapter 5 Creating Secure and Resilient Services
Chapter 6 Taking Advantage of Internet Explorer Defenses
Chapter 7 Cryptographic Changes in Windows Vista
Chapter 8 Authentication and Authorization
Chapter 9 Miscellaneous Defenses
I think most of the ToC is self-explanatory, except for the first and last chapters. The first one covers how we implemented the “Security Quality Gates” in Windows Vista to help catch security bugs early; in my opinion, and I think y’all agree, it’s most important to get the quality right rather than rely on a defense saving you. That’s why it’s the first chapter. The last chapter is a grab-bag of stuff that doesn’t fit well in other chapters, including:
Adding Windows Parental Controls support to your application
- Windows Defender APIs
- New Credential User Interface API
- Use the Security Event Log.
- Pointer Encoding
- Kernel Mode Debugging Issues
- Programming the Trusted Platform Module (TPM)
- Building Secure Windows Sidebar Gadgets
Note, this book is not a replacement for Writing Secure Code 2nd Edition; the new book focuses solely on building applications that take advantage of Windows Vista defenses and does not dwell on secure design, threat modeling, testing or the myriad of coding best practices we covered in the earlier book.
We also did a lot of work to go deeper than just what’s documented in the SDK – we wrote code to make these features work, and show how you can use them. In many cases, we ran into previously unknown gotchas, and we explain how you can avoid the same problems. In the code samples we’re shipping with the book, you’ll find not just the usual snippets that show a minor detail, but a lot of code you can use yourself – including a complete Windows service that communicates securely with the desktop.
I believe we have written an important book, because for Windows Vista customers to be more secure, everything on top of the OS must be more secure too. Oh, and it’s code heavy and an easy and actionable read, too!
Comments
Anonymous
March 03, 2007
Come farselo mancare nella propria libreria? Even though we (kinda) promised our wives we wouldn’t doAnonymous
March 06, 2007
Hi, I wanted to know if the book will include examples in VB.Net. If not, I would recommand that you include them. There are differences in the languages between VB.Net and C#. And seeing examples in this language will help a lot of people.Anonymous
March 06, 2007
What happened with the QuickTime bugs? Why are they exploitable on Vista?Anonymous
March 06, 2007
c, i haven't dug into the bugs. but they're exploitable because the apple code has security bugs in their code!Anonymous
March 06, 2007
Net, not there is no VB.NET code in the book, but the C# samples are pretty simple and will translate easily to VB.NETAnonymous
March 06, 2007
Hmm, I guess I was sort of hoping that some of Vista's security infrastructure would mitigate/prevent some of the vulnerabilities in third-party code. I guess a lot of the stuff is opt-in via using the new compilers?Anonymous
March 08, 2007
c: some defenses WILL come into play on Vista, for example ASLR might help, protected mode IE (low integrity) might help too, as might the heap defenses if there's a heap BO. Unfortunately, Apple does not compile QuickTime with /GS, /SafeSEH, NXCompat or /Dynamicbase :(Anonymous
March 20, 2007
[Default] Evaluation Center Experience the New MSDN Evaluation Center Register to download software andAnonymous
March 20, 2007
The comment has been removedAnonymous
March 20, 2007
Antonio, long, long, LLLOOONNGGG story, but the book never happened! :(Anonymous
May 08, 2007
Michael, With respect to chapter 2, how deep do you go into MIC levels and UAC considerations? I haven't been able to find a comprehensive TOC listing and I am considering purchasing your book, but I want to ensure that the information that I need is covered in depth.Anonymous
May 08, 2007
Hi Peter IIRC, ch2 is the biggest chapter in the book. After reviewing a draft, Dave commented that "Howard has no concept of writing small chapters." But to answer your question correctly, it goes very deep, deeper than anything presently out there.Anonymous
July 15, 2007
Read this book - it's excellent. To understand the book's content, you should read Writing Secure CodeAnonymous
July 15, 2007
Read this book - it's excellent. To understand the book's content, you should read Writing Secure