Windows 7 might get fixed


Windows Forum Admin
Staff member
Premium Supporter
Microsoft MVP
Windows 7 might get fixed

By Ed Berridge
Thursday, 31 December 2009, 12:04

MICROSOFT WINDOWS HACKER Mark Russinovich has been telling Beta News how he fixed a problem that has been plaguing Windows for the last 20 years.
For ages malware writers have been tricking Windows into executing data as though it were code. Malware places data into the Windows "heap" that bears the pattern of executable instructions.
When something crashes it can leave the system a state where the data in that heap is pointed to and then executed. Security software can only wait for patterns of such heap corruption to appear, and then act. Which is often too late.
Russinovich was hired by the Vole to improve system reliability. Windows 7 included a lot of his ideas to harden the whole process.
The first thing that he changed was to develop a Unified Background Process Manager that reduces the number of concurrently running processes in Windows.
Russinovich said that a lot of what made Vista and its predecessors slow were services hanging around in memory, waiting for an excuse to do something useful.
The idea was not new. Windows 2000 had introduced something called Event Tracing. That gives Windows 7 the trigger to start or stop a service.
This means that the Windows Error Reporting service wakes up sooner. Russinovich adapted it so it can analyse the causes of crashes as they happen.
Looking at some of the data Russinovich discovered that 15 per cent of all user-mode crashes are caused by heap corruption. He also found that a third of all crashes that happen during Windows shutdown are caused by heap corruption.
With a new Windows Error Reporting service, engineers can craft more effective ways to address the root problems of as much as one-third of key categories of crashes.
Russinovich then worked out a fix called the fault-tolerant heap. When Windows 7 sees heap corruption in a process, it enables heap mitigation. Then it monitors the effectiveness of the heap mitigation, and if that's effective it keeps the fix.
It also looks at the software that caused the heap corruption and warns the Vole. µ
Windows 7 might get fixed - The Inquirer

This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.