![Page 1: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/1.jpg)
Compatibility and Compatibility and Interoperability RequirementsInteroperability Requirements
![Page 2: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/2.jpg)
Agenda
• Compatibility and interoperability requirements
• Support for x64 versions • Signing files and drivers• Version checking• Support for concurrent user sessions• Safe mode• Support for anti-malware policies• Compatibility and interoperability
test cases
![Page 3: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/3.jpg)
Compatibility and Interoperability Requirements• Support x64 Versions • Sign files and drivers• Perform version checking properly• Support concurrent user sessions• Avoid loading services and drivers in
safe mode• Follow anti-malware policies
![Page 4: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/4.jpg)
Agenda
• Compatibility and interoperability requirements
• Support for x64 versions • Signing files and drivers• Version checking• Support for concurrent user sessions• Safe mode• Support for anti-malware policies• Compatibility and interoperability
test cases
![Page 5: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/5.jpg)
Support for x64 Versions
• No 16-bit code or components• x64 versions of drivers• Application setup detects and installs
proper drivers and components• WOW64—Not necessary to run application
natively• Acceptable to remove nonessential
features • 32- and 64-bit COM servers communicate
with 64- and 32-bit clients
![Page 6: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/6.jpg)
WOW64
• Windows-on-Windows 64-bit• Handles differences between 32-bit
and 64-bit versions of the Windows operating system
• Capable of running 32-bit applications
• Included on all 64-bit versions of the Windows operating system
![Page 7: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/7.jpg)
Agenda
• Compatibility and interoperability requirements
• Support for x64 versions • Signing files and drivers• Version checking• Support for concurrent user sessions• Safe mode• Support for anti-malware policies• Compatibility and interoperability
test cases
![Page 8: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/8.jpg)
Signing Files
• Ensures files have not been tampered with
• All executable files must be signed with an Authenticode certificate
• Code-signing certificates are available from several vendors
• Use the SignTool in the Windows SDK to sign files
![Page 9: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/9.jpg)
Signing Drivers
• Malicious software drivers affect stability and security
• Driver binaries loaded at boot time contain embedded signatures
• Microsoft signature for kernel-mode drivers through WHQL or DRS program
• 64-bit versions of Windows Vista will not load unsigned drivers
• Administrator privilege is required to install unsigned kernel-mode components
![Page 10: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/10.jpg)
Creating Test Certificates
• Need only one MakeCert test certificate per computer
• Certificate store added to Windows managed list
• Install in test computer’s Trusted Root Certification Authorities and Trusted Publishers certificate stores
MakeCert –r –pe –ss TestCertStoreName –n “CN=CertName” CertFileName.cer
![Page 11: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/11.jpg)
Delay Signing
• Developers require public key • Defer signing until shipping • Use delayed signing at build time
– Reserves space in PE for strong name signature
![Page 12: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/12.jpg)
Delay Signing Process
• Obtain .snk file– Created using sn.exe
• Annotate with custom attributes:– AssemblyKeyFileAttribute– AssemblyDelaySignAttribute
• Turn off signature verification
[assembly:AssemblyKeyFileAttribute("myKey.snk")] [assembly:AssemblyDelaySignAttribute(true)]
![Page 13: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/13.jpg)
Agenda
• Compatibility and interoperability requirements
• Support for x64 versions • Signing files and drivers• Version checking• Support for concurrent user sessions• Safe mode• Support for anti-malware policies• Compatibility and interoperability
test cases
![Page 14: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/14.jpg)
Version Checking
• Allows application to be used in future versions– Check for ≥ desired version number– Do not check CurrentVersion in registry– If EULA prohibits use on future operating
systems, fail gracefully
• GetVersionEx– Version-checking API
• Check for capabilities rather than version– Windows build team recommendation
• VerifyVersionInfo• Environment.Version property
![Page 15: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/15.jpg)
Agenda
• Compatibility and interoperability requirements
• Support for x64 versions • Signing files and drivers• Version checking• Support for concurrent user
sessions• Safe mode• Support for anti-malware policies• Compatibility and interoperability
test cases
![Page 16: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/16.jpg)
Fast User Switching
• Multiple users can log on• Switches quickly between open
accounts• Does not change application state• Uses Terminal Services technology
![Page 17: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/17.jpg)
FUS Application Best Practices (1)
• Test application under FUS• Implement true profile separation• Register for notification of a user
switch• Be aware of other running instances
![Page 18: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/18.jpg)
FUS Application Best Practices (2)
• Applications must allow multiple sessions unless prevented by architecture
• Includes Remote Desktop Connection sessions
• If not supported, alert user and write to Windows NT event log
• 3D graphics applications– Not required to work over RDC – User alerted on failure
• Sound in another user session inaudible in current session
![Page 19: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/19.jpg)
Agenda
• Compatibility and interoperability requirements
• Support for x64 versions • Signing files and drivers• Version checking• Support for concurrent user sessions• Safe mode• Support for anti-malware policies• Compatibility and interoperability
test cases
![Page 20: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/20.jpg)
Safe Mode
• Enables users to diagnose and repair Windows configuration
• Drivers and services should not run unless needed for:– Basic operations– Diagnostic purposes– Recovery purposes
![Page 21: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/21.jpg)
Safe Mode Registry Keys
• If set, drivers and services run in safe mode without any errors
• Minimal and network registry keys
• Any use of these keys must be listed in the logo documentation
HKLM\System\CurrentControlSet\ Control\SafeBoot\MinimalHKLM\System\CurrentControlSet\ Control\SafeBoot\Network
![Page 22: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/22.jpg)
Safe Mode Registry Safe Mode Registry SettingsSettings
![Page 23: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/23.jpg)
Agenda
• Compatibility and interoperability requirements
• Support for x64 versions • Signing files and drivers• Version checking• Support for concurrent user sessions• Safe mode• Support for anti-malware
policies• Compatibility and interoperability
test cases
![Page 24: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/24.jpg)
Anti-Malware
• Applications MUST meet privacy guidelines
• You risk losing logo certification if your application is identified as malware or spyware
• Anti-Spyware Coalition– 40-plus member organizations– Includes Microsoft
![Page 25: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/25.jpg)
Agenda
• Compatibility and interoperability requirements
• Support for x64 versions • Signing files and drivers• Version checking• Support for concurrent user sessions• Safe mode• Support for anti-malware policies• Compatibility and
interoperability test cases
![Page 26: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/26.jpg)
Compatibility and Interoperability Test Cases (1)
• Verify application installer:– Does not have a 16-bit installer– Does not use or rely on 16-bit code or
components– Does not attempt to install any non-64-
bit drivers on x64 versions of the Windows operating system regardless of whether application is a Win32 application or is native to 64-bit
![Page 27: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/27.jpg)
Compatibility and Interoperability Test Cases (2)• Verify executable files and other files
installed by the application are signed
• Verify all kernel-mode drivers installed by the application are signed
• Verify application properly checks for operating system version
• Verify application launches and runs properly using Fast User Switching
![Page 28: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/28.jpg)
Compatibility and Interoperability Test Cases (3)• Verify application launches and run
properly using Remote Desktop• Verify drivers and services start in
safe mode
![Page 29: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/29.jpg)
Summary
• Compatibility and interoperability requirements
• Support for x64 versions • Signing files and drivers• Version checking• Support for concurrent user sessions• Safe mode• Support for anti-malware policies• Compatibility and interoperability
test cases
![Page 30: Compatibility and Interoperability Requirements. Agenda Compatibility and interoperability requirements Support for x64 versions Signing files and drivers](https://reader036.vdocument.in/reader036/viewer/2022062408/56649eda5503460f94be9718/html5/thumbnails/30.jpg)
Additional Resources
• WOW64 implementation detailshttp://msdn.microsoft.com/library/default.asp?url=/library/en-us/win64/win64/wow64_implementation_details.asp
• Delay signinghttp://blogs.msdn.com/shawnfa/archive/2004/03/17/91575.aspx
• Fast User Switchinghttp://support.microsoft.com/kb/294737/en-us
• Anti-malwarehttp://www.antispywarecoalition.org/