Jun 132010

The latest version of the Case Of The Unexplained by Mark Russinovich has been released on the Microsoft Tech Ed website.  The case of the unexplained allows you to see how Mark walks through issues step by step to resolve them.   Mark uses Microsoft Debugging Tools along with his own tools from Sysinternals.  This sessions continues to be one of the most popular sessions at Tech Ed.

Case Of The Unexplained 2010

Jan 032010

Mark shared another great article on his blog.  The article talks about duplicate SID myth that has been around a long time.  Mark goes into why the now retired Sysinternals NewSID could be retired.  I will let you read the article in full by following the link below.  One of the most interesting parts I found is that nobody at Microsoft had really challenged if this was a valid issue for a long time.  This situation just goes to show that you should always look at things from every angle any opportunity you get.  This will be one of my new years resolutions. Let us know if you have run across any of these types of situations in the IT world.

Mark Russinovich’s Post On SID Duplication Myth

Dec 082009

I had a great video forwarded onto me by another IT Pro.  Microsoft has a presentation by Mark Russinovich on Windows Security Boundaries.  This is a great resource to learn how Microsoft approaches security boundaries in their operating systems.  Some of the security boundaries that are covered include physical machines, system virtual machines, and user sessions.  Mark also goes in to processes, patch guard, and kernel-mode signing.  As always Mark does a great job of breaking down security using some of his System Internals Tools.  The presentation is about an hour and fifteen minutes long.  Personally I think it is well worth your time if you want understand operating system security better.

Windows Security Boundaries On Tech Net