Michael Howard - Writing Secure Code for Windows Vista®

PUBLISHED BY
Microsoft Press
A Division of Microsoft Corporation
One Microsoft Way
Redmond, Washington 98052-6399

2007 by David LeBlanc and Michael Howard

All rights reserved. No part of the contents of this book may be reproduced or transmitted in any form or by any means without the written permission of the publisher.

Library of Congress Control Number: 2007922582

1 2 3 4 5 6 7 8 9 QWT 2 1 0 9 8 7

Distributed in Canada by H.B. Fenn and Company Ltd.

A CIP catalogue record for this book is available from the British Library.

Microsoft Press books are available through booksellers and distributors worldwide. For further information about international editions, contact your local Microsoft Corporation office or contact Microsoft Press International directly at fax (425) 936-7329. Visit our Web site at .

Microsoft, Microsoft Press, Active Directory, ActiveX, Authenticode, BitLocker, Hotmail, Internet Explorer, MSDN, Outlook, SQL Server, Visual Basic, Visual C++, Visual Studio, Win32, Windows, Windows CardSpace, Windows Media, Windows NT, Windows Server, and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners.

The example companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious. No association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred.

This book expresses the authors views and opinions. The information contained in this book is provided without any express, statutory, or implied warranties. Neither the authors, Microsoft Corporation, nor its resellers, or distributors will be held liable for any damages caused or alleged to be caused either directly or indirectly by this book.

Acquisitions Editor: Ben Ryan
Developmental Editor: Devon Musgrave
Project Editor: Valerie Woolley

Editorial and Production Services: Carlisle Publishing Services

Body Part No. X13-62470

Dedication

For my mother and father. Thank you for encouraging me in my earliest geekyendeavors. For buying my first chemistry set, microscope and rock collection.But most of all, I cant express how much I appreciate yougetting me my very first computer.
Michael

To my wife, Jennifer, who has put up with yet another book. To Mr. Pennington, our school librarian,who I set out to annoy by programming a noisy computer in his library Ive been hooked onprogramming since. To Floyd R. Hacker, who introduced me to Windows,and one fateful day took a huge pile of research data, pulled itinto Excel and quite unknowingly set me along this path.
David

About the Author

Michael Howard

Michael Howard is a senior security program manager in the Security Engineering team at Microsoft, and an architect of the security-related process improvements at the company. He is the co-author of many security books, mostly with David LeBlanc including the award-winning Writing Secure Code, 19 Deadly Sins of Software Security, and the Security Development Lifecycle. He is an editor of IEEE Security and Privacy, and the series editor of the Microsoft Press Secure Software Development series.

David LeBlanc

David LeBlanc is a senior developer in the Microsoft Office Division's Trustworthy Computing team. In addition to writing code, he helps advise Office on security issues and how to implement the SDL. He has co-authored several security books, mostly with Michael Howard. David has worked in many aspects of the security industry, ranging from anti-fraud for telephony companies, leading the development team for an award-winning network security assessment tool, penetration testing for Microsoft's network security group, and was a founding member of the Trustworthy Computing Initiative team. When not writing books, he'll be found somewhere in the Cascades on his horse.

Acknowledgments

We have now written four books together so far, and we are proud of every one. Writing books is never easy, but its made a lot easier when you have a great group of people helping you along the way. What sets this book apart from the other is the list of acknowledgements. Its huge! In fact, the list is so big we have decided to break it up into groups! Every person listed below contributed something to this book, from code review to fact checking and from little ideas to making sure we covered critically important topics.

Secure Windows Initiative and SDL teams

David Ross, Nitin Kumar Goel, John Lambert, Steve Lipner, Andrew Roths, Neill Clift, Richard Johnson, Matt Thomlinson, Josh Lackey, Damian Hasse, and Robert Hensing.

Windows Core Security

Darren Canavor, Ben Nick, Anderson Quach, Yu Chen, Tolga Acar, David Cross, Steve Hiskey, Tomas Palmer, Peter Brundrett, Oded Ye Shekel, Art Baker, Niels Ferguson, Ari Medvinsky, Chris Corio, George Li, John Brezak, Kelvin Yiu, Dan Fritch, Jon Schwartz, Mike Lai, Eric Fitzgerald, Jeff Williams, Nate Lewis, Brian Brown and Satyajit Nath

Windows

Dave Cutler, Saji Abraham, Daniel Wang, Hunter Hudson, Gov Maharaj, Richard Ward, Walter VonKoch, Sean Lyndersay, Mike Sheldon, Sandeep Singhal, Henry Sanders, Neeraj Garg, Deepak Bansal, Ravi Rao, Stan Pennington, David Bennett, David Kennedy, Landy Wang, Chuck Reeves, Andy Harjanto, Kim Cameron, Mike B. Jones, Garrett Serack, Brent Schmaltz, Adrian Marinescu, Ramesh Chinta, Chittur Subbaraman, Christian Huitema, Eran Yariv, and Mahesh Mohan.

Internet Explorer

Marc Silbey, Rob Franco, Dean Hachamovitch, Jeremy Dallman, Zhenbin Xu, Eric Lawrence, Alex Kuang, Tariq Sharif, Joshua Allen, Venkat Kudallur, and Chris Wilson.

Microsoft Office

Alan Myrvold, Tom Gallagher, Lawrence Landauer, Hidetake Jo, and Mike Marcelais.

Developer Division

Mark Lacey

Microsoft Consulting

Aaron Margosis

Microsoft Press

Devon Musgrave, as usual guided us seamlessly through the book-writing process and to Ben Ryan for agreeing to do the book. Valerie Woolley our editor was a dream to work with. One thing we both love about working with Microsoft Press, is the editors dont try to force their style over our writing style. And we appreciate that!

And to anyone we missed. Were sorry.

Michael Howard
David LeBlanc
Redmond, WA
March 2007

is a very important book for everyone in the high-technology industry. The ideas expressed in this book represent the latest thinking in creating the trustworthy experience every user of technology expects.

Microsofts vision for the use of technology by all segments of society is based on the notion that Moores law will continue, creating ever more powerful, and ever less expensive, computers that can be applied in an increasing number of ways to meet the needs of all types of people. With the continued growth in broadband networks, including new wireless technologies, these devices will be connected to each other locally and across the world, giving people unprecedented access to information, media, and services with a level of convenience we are only starting to fathom. This vision is not only Microsofts; it is shared by many across the high-technology industry. No matter your commercial or technological allegiance, this vision spells out how our industry will grow, how we will generate commercial success for our businesses, and how we will all contribute to a world that is more convenient for everyone and that allows every person to reach his or her full potential. It is a wonderful visionand none of us can wait to get there.