The indispensable Part II of the definitive guide to Windows internals -- fully updated for Windows 10
Written by Microsoft’s own kernel developer Andrea Allievi in collaboration with legendary Windows expert Alex Ionescu
Foreword by Mark Russinovich (now Microsoft’s Azure CTO), and extensively reviewed by Microsoft’s teams of developers and architects
The complete, official source of public information on Windows’ internal behavior, mechanisms, and operation: crucial for software architecture, driver development, debugging, reverse engineering, system optimization, security hardening, and support
Covers UEFI boot, including secure launch & measured boot, the registry, WMI, ALPC, Event Tracing for Windows (ETW), Windows Notification Facility (WNF), the cache manager, NTFS and ReFS, Hyper-V, the secure kernel and virtualization based security (VBS), the Universal Windows Platform (UWP) application model, and more
Demonstrates key Windows behaviors with hands-on experiments you can replicate, leveraging the latest debugger technologies such as NatVis and LINQ
Looking for educator resources?
Find the course content, tools and apps you need for any subject