Presentation is loading. Please wait.

Presentation is loading. Please wait.

© Copyright 2009 Microsoft Corporation. Alle Rechte vorbehalten. MSDN Webcasts:

Published byPatience Octavia Miller Modified over 9 years ago

Similar presentations

Presentation on theme: "© Copyright 2009 Microsoft Corporation. Alle Rechte vorbehalten. MSDN Webcasts:"— Presentation transcript:

1 © Copyright 2009 Microsoft Corporation. Alle Rechte vorbehalten. MSDN Webcasts: http://www.msdn-online.de/webcastshttp://www.msdn-online.de/webcasts

2

3

4

5

6

7 © Copyright 2009 Microsoft Corporation. Alle Rechte vorbehalten. MSDN Webcasts: http://www.msdn-online.de/webcastshttp://www.msdn-online.de/webcasts

8

9

10

11

12 Session 0 Window Station Desktop Screen Saver Login Services 1 st User’s Window Shatter Attack

13 Session 0 Window Station Desktop Service Session 1 Window Station Desktop Screen Saver Login 1 st User’s Window Secure

14

15

16 Allowed Run most applications Change per user settings Not Allowed Install applications Change system components Change per machine settings Admin “privileges”

17 “Standard User” Token Admin Token Abby App Admin Token Child App Standard User Token App Standard User Token Child App Standard User Token

18 Protected Administrator SystemSystemAdministratorAdministratorexplorer.exe AppInfo Service consent.exeelevatedapp.exeRPCReparented ShellExecute(elevatedapp.exe)CreateProcessAsUser(elevatedapp.exe)

19

20

21

22

23

24

25

26

27

28

29 ApplicationApplicationWindowsWindows Shim DLL ImportFunctionImportFunctionExportFunctionExportFunctionImportFunctionImportFunctionExportFunctionExportFunction

30

31 asInvoker Launch with the same token as the parent process highestAvailable Launch with the highest token this user possesses requireAdministrator Highest token of the User provided User is a member of Administrators group

32 32 My totally sweet Vista application

33

34

35 Request Access: Read + Write Request Access: Read Read Access Token: Who I am Who I am Groups Groups Privileges Privileges Security Descriptor: Object Owner Object Owner Discretionary ACL Discretionary ACL “Toby” Groups: Users Users DACL: Users: Read Users: Read Admins: Full Ctrl Admins: Full Ctrl

36 Request Access: Read + Write Request Access: Read + Write R+W Internet Explorer + 3 rd party add-ons MS Money Toby’sStartupfolder R+W

37

38 LevelTypical process SystemServices HighElevated user apps MediumNormal user apps – default LowIE Protected Mode

39

40 Medium IL Process ProcessHighHighMediumMediumLowLowHighHighMediumMediumLowLow Read Write Low IL Process Process Processes Objects

41 No Write UpNo Read UpNo Execute Write  Read  Execute  and Object policy includes… and access requested includes…

42 Request Access: Read + Write Request Access: Read + Write R+W Internet Explorer [LOW IL] MS Money [Medium IL] Toby’sStartupFolder Medium (NW)

43

44 HWND 00040650 SendMessage 00040650 WM_COMMAND/BM_CLICK FindWindow “Calculator” Program 1 Window Manager Program 2

45

46

47

48 Performance Responsiveness Consumes resources Boot, Shutdown, Logoff, etc. Reliability Memory leaks System crashes & hangs Dependent application crashes Security Greater Attach Surface System privileges Successful attack may compromise entire system Power consumption Extra disk, CPU utilization Decrease in battery life Prevents idle efficiencies

49

50

51

52

53

54 Monitor Max Resolution % Set to Maximum 1280X102456% 1400X105079% 1600X120032% 1680X105066% 1920X105039% 1920X120078% Avg. set to default55% User's Chosen Resolution % using that resolution 640X4801% 800X6007% 1024X76857% 1280X1024 3% 1600X120032% Total100.00% DetailsDetails Users with Max Resolution of 1600X1200 Users are lowering their screen resolution to get larger text…

55

56 Clipped Text Layout Issues & Image Size Issues Pixilated Bitmaps WinForms Issues Blurry UIMismatched Font Sizes

57 Setting What to look for 1024x768 @ 120 DPI* This is an effective resolution of ~800x600, so look for UI clipped off the screen or layout issues. Also look for pixilated bitmaps and icons. *NOTE: if your app requires 1024x768, then do this test at 1280x960. 1600x1200 @ 144 DPI Blurry UI. Verify that all mouse operations work, especially drag and drop operations. Also verify full-screen modes work properly 1600x1200 @ 144 DPI with DPI Virtualization Disabled from DPI UI -> Custom -> use XP Style Scaling Often buttons and UI won’t scale in relation to larger text and there will be significant text clipping. Look for layout issues in general and pixilated bitmaps and icons. Recommendation: Write a list of the issues identified, best is to add them to your bug DB with a High DPI tag for later validation. Integrate a variety of configurations into all future test passes. Also see references for link to whitepaper on how to remedy issue you find.

58

59

60

61

62

63

64

65

66

67

68

69

70

71 …and beyond

72 RunningRunning Not running Multiple windows + hover ActiveActive

73

74 Destinations (“nouns”) Tasks (“verbs”) Known categories Custom categories User Tasks Taskbar Tasks Pinned category

75

76

77

78

79 © Copyright 2009 Microsoft Corporation. Alle Rechte vorbehalten. MSDN Webcasts: http://www.msdn-online.de/webcastshttp://www.msdn-online.de/webcasts Software Full Featured Development tools and production licenses of server products No upfront costs (USD$100 at program exit) Support Community support from network and hosting partners Professional technical support from Microsoft Visibility Profile and promotion on the BizSparkDB Software Visibility Support www.microsoft.com/bizspark

80 1 2 3 Drive new business opportunities o WebsiteSpark Marketplace o Partner Recruiting Portal o Web App Gallery Benefit from professional support and training o Two professional support incidents per program membership for break-fix issues o Unlimited access to technical managed newsgroups on MSDN o Unlimited program support for non-technical issues o Broad community support through partners and peers Receive software and solutions for development and hosting o Design Tools/Development Tools/Testing Tools: o Visual Studio ® 2008 Professional Edition – 3 user licenses o Expression ® Studio 2 (or 3) – 1 user license o Expression ® Web 2 (or 3) – 2 user licenses o Windows Web Server ® 2008 (or R2 when available) – 3 user licenses o SQL Server ® 2008 Web – 3 user licenses o Production Hosting Licenses (if self-hosting) o Windows Web Server 2008 R2 (when available) – 4 processor licenses o SQL Server 2008 Web Edition – 4 processor licenses o Premium Web site control panel (DotNetPanel) For Web Pros www.microsoft.com/web/websitesparkwww.microsoft.com/web/websitespark

81

82

83

84

85

86

Download ppt "© Copyright 2009 Microsoft Corporation. Alle Rechte vorbehalten. MSDN Webcasts:"

Similar presentations

Chapter 7 – Managing Windows XP. Control Panel The main tool for configuring your system. Most of the tools to configure the system come with the normal.

Chapter 7 – Managing Windows XP. Control Panel The main tool for configuring your system. Most of the tools to configure the system come with the normal.
 Vikram Singh Program Manager Microsoft Corporation PC19.

 Vikram Singh Program Manager Microsoft Corporation PC19.
Remote Desktop Services

Remote Desktop Services
Internet Information Server 6.0. IIS 6.0 Enhancements  Fundamental changes, aimed at: Reliability & Availability Reliability & Availability Performance.

Internet Information Server 6.0. IIS 6.0 Enhancements  Fundamental changes, aimed at: Reliability & Availability Reliability & Availability Performance.
Eralp Erat Senior Software Developer MCP,MCAD.NET,MCSD.NET.

Eralp Erat Senior Software Developer MCP,MCAD.NET,MCSD.NET.
Miscellaneous Windows 2000 Desktop Features Windows 2000 Intermediate.

Miscellaneous Windows 2000 Desktop Features Windows 2000 Intermediate.
Interfacing with Computer Associate Degree in Education (ADE) Lecture 04 Sajid Riaz.

Interfacing with Computer Associate Degree in Education (ADE) Lecture 04 Sajid Riaz.
DEV392: Extending SharePoint Products And Technologies Through Web Parts And ASP.NET Clint Covington, Program Manager Data And Developer Services - Office.

DEV392: Extending SharePoint Products And Technologies Through Web Parts And ASP.NET Clint Covington, Program Manager Data And Developer Services - Office.
Building Windows (7) Applications Microsoft ® Corporation.

Building Windows (7) Applications Microsoft ® Corporation.
Module 6 Windows 2000 Professional 6.1 Installation 6.2 Administration/User Interface 6.3 User Accounts 6.4 Managing the File System 6.5 Services.

Module 6 Windows 2000 Professional 6.1 Installation 6.2 Administration/User Interface 6.3 User Accounts 6.4 Managing the File System 6.5 Services.
Terminal Services Terminal Services is the modern equivalent of mainframe computing, in which servers perform most of the processing and clients are relatively.

Terminal Services Terminal Services is the modern equivalent of mainframe computing, in which servers perform most of the processing and clients are relatively.
Installing Windows XP Professional Using Attended Installation Slide 1 of 41Session 2 Ver. 1.0 CompTIA A+ Certification: A Comprehensive Approach for all.

Installing Windows XP Professional Using Attended Installation Slide 1 of 41Session 2 Ver. 1.0 CompTIA A+ Certification: A Comprehensive Approach for all.
Microsoft Services Provider Agreement. I want to provide my customers with software services that include Microsoft licensed products. Microsoft Services.

Microsoft Services Provider Agreement. I want to provide my customers with software services that include Microsoft licensed products. Microsoft Services.
© 2010 VMware Inc. All rights reserved VMware ESX and ESXi Module 3.

© 2010 VMware Inc. All rights reserved VMware ESX and ESXi Module 3.
SQL Server 2008 for Hosting Key Questions to Address How can SQL Server save your costs? How can SQL Server help you increase customer base? How can.

SQL Server 2008 for Hosting Key Questions to Address How can SQL Server save your costs? How can SQL Server help you increase customer base? How can.
Microsoft ® Application Virtualization 4.6 Infrastructure Planning and Design Published: September 2008 Updated: February 2010.

Microsoft ® Application Virtualization 4.6 Infrastructure Planning and Design Published: September 2008 Updated: February 2010.
Debunking the Top 10 Myths of Small Business Server: Using Windows SBS in Larger Environments Abstract: This session will debunk some of the common myths.

Debunking the Top 10 Myths of Small Business Server: Using Windows SBS in Larger Environments Abstract: This session will debunk some of the common myths.
2. Introduction to the Visual Studio.NET IDE 2. Introduction to the Visual Studio.NET IDE Ch2 – Deitel’s Book.

2. Introduction to the Visual Studio.NET IDE 2. Introduction to the Visual Studio.NET IDE Ch2 – Deitel’s Book.
Guide to MCSE 70-270, Second Edition, Enhanced 1 Objectives Understand and use the Control Panel applets Describe the versatility of the Microsoft Management.

Guide to MCSE , Second Edition, Enhanced 1 Objectives Understand and use the Control Panel applets Describe the versatility of the Microsoft Management.
Microsoft ® Official Course Module 9 Configuring Applications.

Microsoft ® Official Course Module 9 Configuring Applications.

Similar presentations

Ads by Google