Windows Internals Part 2 is here

Hello there!
It has been a very long time since I last updated this blog (at least 3 years or more). Since my last post a lot of things have happened, which I summarize here:

  • On January 2018 I moved to Seattle (WA), from Italy, with the idea to work in the Windows Kernel Core team. Furthermore, I officially started a very ambitious project with Alex Ionescu: being one of the main author of the new Windows Internals book. A part of the huge cultural difference between Seattle and Milano (and, trust in me, adapting to the new culture was really hard for me), my life was proceding well, split between the 2 places (I miss home a lot)…
  • Around June 2019, my team split and I got promoted to Senior Core OS Engineer on the brand-new ™ Security Core Team, where I got the main responsibility on a component of Windows called Secure Kernel (a lot of my readers know what it is XD).
  • In the meantime, the work on the book was proceeding pretty slow, due to some problems not directly related to me (which I do not want to talk about here). Furthermore, multiple articles, and, before Covid, a couple of conferences talks have been release by myself, especially on Retpoline, Import Optimization, HotPatch and KDP….

Well, after three (reeeallyy 3) long years of work (in such a lot of looong nights) we are super excited to announce that in a non-precise day between the 15th and 21st of September 2021, the new Windows Internals book (7th Edition Part 2) will be finally available in its paper copy.

Never in my life I have been part of such-an-ambitious project: a lot of sections have been rewritten, others have been fully updated, and a brand-new chapter has been designed, all targeting Windows 10 21H1 and the new incoming Windows 11 kernel. I am so proud that we were able to include the following important new content:

  • Hardware side-channel vulnerabilities (which, some of them I took forever to fully understand), a completely brand-new WoW64 (including x86 on ARM64), WNF and Packaged applications, all part of Chapter 8
  • A new chapter about the Hypervisor, Virtualization stack and Virtualization-based security (VBS). I’ve personally written this chapter. It includes nitty-gritty details (never discussed before) on how the Hypervisor and Secure Kernel internally work.
  • The Windows registry and Windows services sections have been fully updated to include new concepts directly related to Windows 10, like the registry hive reorganization, virtualization, user and packaged services and so on. Chapter 10 includes also a rewritten section on UBPM, ETW (rewritten from scratch) and, last but not least, DTrace (which has been proven to be a super-powerful tool for tracing).
  • Chapter 11 includes a brand-new section on the resilient file system (ReFS). Furthermore the new features of NTFS (since Windows 7) have been all introduced and described in details (like the online check-disk). Not to mention an introduction on the next generation low-level storage solution, Spaces.
  • Lastly, also Chapter 12 has been completely rewritten. In the year 2021 there was no way that we would have release a section regarding the old BIOS systems. Melancholy readers should still read the old edition :-).

You can order your copy on the official Microsoft Press website (link), or, of course, on Amazon (link) 🙂

I want to say a big “Thank you” to all the people that helped me in this big journey, internal to Microsoft and even external. Thanks also to Mark Russinovich for having written the Foreward. And, of course, thanks also to Alex for including me in this big project. I hope that you guys enjoy it!

On a side note, the next month my company created the Giving Month, a month where all people are encouraged to give something to charity. Microsoft will match the donation, with the goal to help people that are less fortunate than us. I was thinking to collect all the signatures of the Windows’ developers, put them in a copy of the book, and sell it on Ebay as a unique and original piece. Finally, donate the earns coming from the sell to Cancer research. I am asking to the readers…. is this something that caught your interest? Which, rephrased, mean… would you like to put an offer on it if the idea goes through? (I still need to discuss it)

ps. I still need to buy a certificate for the website and pass some time to find a decent theme for it. If someone is willing to help please contact me 🙂

One thought on “Windows Internals Part 2 is here”

Leave a Reply

Your email address will not be published. Required fields are marked *