Your SlideShare is downloading. ×
0
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
3 App Compat Win7
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

3 App Compat Win7

2,293

Published on

TechEd Africa session on Windows 7 applicaiton compatibility and graphics improvements

TechEd Africa session on Windows 7 applicaiton compatibility and graphics improvements

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
2,293
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
37
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • Blackhat and recommendation to hijack a utility type service (AV or backup for example).
  • Services IsolationServices will not be able to directly interact with user desktop and applicationsIssuesServices with user interaction may hang as UI will not be visibleTemporary Mitigation: notification sent to current user when there is UI in session 0http://www.msterminalservices.org/faq/WindowsTerminalServices/?page=8 – How to design a service to interact with multiple user sessionsSpawned by service – must track session IdsSimple interaction: Terminal Services APIs (WtsSendMessage) - messagebox type functionalityComplex interaction -spawned by the service: one of the create process as user APIs Client start-up (e.g. run key)Find Session Id - WTSQuerySessionInformation() with WTSSessionId as classPass to service through IPCNamed pipe issuesSpecify FILE_FLAG_FIRST_PIPE_INSTANCE in dwOpenMode parameter to CreateNamedPipe() – prevents “squatting”
  • Performance EnhancementsNotifyServiceStatusChange()XP required query of state through QueryServiceStatusEx() or other APIAllows for callback notification of service status changesLocal or remote clientsShutdownXP – notification (random order from SCM) then 20 sec to shutdownVista pre-shutdown notification for services with more cleanup3 min by default but configurable by serviceRegistration of shutdown dependencies for orderWindows 7 adds Trigger Start:SCM starts or stops registered services when system events triggers.Configuration not accessible via MMC Service Snap-InYou can use the command-line SC.EXE TRIGGERINFO… ChangeServiceConfig2( SERVICE_CONFIG_TRIGGER_INFO )
  • Note: some applications will actively block efforts to shim, so this will not work.
  • Direct 2D – rendering improvementsDirectWrite – cool DirectWrite demoDirect3D - Demo
  • [TDM, DEV][Why - high level overview of Graphics (improvements) in Win7]High-Fidelity Graphics with DirectX Windows application developers have long used DirectX® to provide high-quality, hardware-accelerated, 3D graphics. When the technology debuted in 1995, developers could provide high-quality 3D graphics for games & engineering applications for gamers & professionals willing to pay extra for a 3D-graphics board. Now, even the most inexpensive PCs include capable 3D-graphics hardware.To take advantage of these graphics capabilities, Windows Vista introduced the Windows Display Driver Model (WDDM) infrastructure for DirectX that enabled multiple applications & services to share the resources of the GPU. The Desktop Window Manager (DWM) uses this technology to animate task switching in 3D, provide dynamic thumbnail images of application windows, & to provide Windows® Aero® glass effects for desktop applications.Windows 7 puts even more graphics capability into the h&s of application developers. Through a new set of DirectX APIs, Win32 developers can take advantage of the latest innovations in GPUs to add fast, scalable, high-quality, 2D & 3D graphics, text, & images to their applications. On the latest LCD displays, DirectX APIs can display desktop & window content using color depth greater than 8 bits per color component. With DirectX, Win32 developers can also use the GPU’s parallelism for general-purpose computation such as image processing, & can render to DirectX 10 hardware, DirectX 9 hardware, the CPU, or to a remote Windows computer. These technologies were designed to interoperate with GDI & GDI+, ensuring that developers can easily preserve their existing investments in Win32 code. These enhanced graphics capabilities are provided by the following COM-based APIs:Direct2D for drawing 2D graphics.DirectWrite for arranging & rendering text. Windows Imaging Component for processing & displaying images.Direct3D® 10 for drawing 3D graphics. Direct3D 11 for drawing 3D graphics, & providing access to next-generation GPU technologies, such as tessellation, limited support for texture streaming, & general purpose computing.DirectX Graphics Infrastructure (DXGI) for managing devices & GPU resources, & providing interoperability between DirectX & GDIWindows 7 Usage of the GPUContinues from Windows Vista…Media Center UIVideo Playback Desktop Window Manager (DWM)Windows 7 DWM uses Direct3D10.1 APIScales in performance all the way from low end integrated to high end GPUsShaders are used for blurs in the GlassWindows 7 memory consumption is cut by 50% per windowMore & richer animations of the thumbnails
  • [TDM, DEV][high-level overview of DirectWrite]ClearType is all about drawing text to the screen while preserving maximum fidelity with regards to the character position & shape intended by the font designer.Usability Improvements due to ClearTypeReading perf improvement: 5% faster than non cleartype rendering.  This is normal reading of a document on screen.  Pretty significant (think of 5% of work day).     Word decoding: 17% faster.  When you get flashed a word on a screen really fast & have to figure out what it is. Most importantly – the time you can spend reading on the computer before you get a head-ache is substantially extended. :-)DirectWriteMany of today’s applications need to support high-quality text rendering, resolution-independent outline fonts, & full Unicode text & layout support. DirectWrite, a new DirectX component, provides these features & more:A device-independent text layout system that improves text readability in documents & in UI. High-quality, sub-pixel, ClearType® text rendering that can use GDI, Direct2D, or application-specific rendering technology.Hardware-accelerated text, when used with Direct2D.Support for multi-format text.Support for the advanced typography features of OpenType® fonts.Support for the layout & rendering of text in all supported languages.GDI-compatible layout & rendering.The DirectWrite font system enables ”any font anywhere” font usage, where users don’t have to perform a separate installation step just to use a font, & an improved structural hierarchy of font grouping to help with manual or programmatic font discovery. The APIs support measuring, drawing, & hit-testing of multi-format text. DirectWrite h&les text in all supported languages for global & localized applications, building on the key language infrastructure found in Windows 7. DirectWrite also provides low-level glyph rendering APIs for developers who want to perform their own layout & Unicode-to-glyph processing.
  • [TDM, DEV]The main take away on the Fundamentals it to make sure developer are using Windows 7 as their main dev machine. By running Windows 7 on their machines, they will want to make sure their applications are properly running on Windows 7.
  • Windows 7 & Windows Server 2008 R2 Ecosystem Readiness Program The Windows Ecosystem includes hardware, software, & services partners.  In addition to providing partners with access to the software & tools they need to build & test solutions for Windows 7 & Windows Server 2008 R2, the Ecosystem Readiness Program also facilitates testing multiple components of the ecosystem together to improve the overall user experience. Rather than just focusing on getting a specific OEM product, software application, or hardware device certified, we will be bringing multiple components together to verify a rich user experience that delivers quality, reliability, & performance as well as innovation through new feature adoption. To join the Windows 7 & Windows Server 2008 R2 Ecosystem Readiness Program click here if you are a software developer & here if you develop hardware.herehere
  • Transcript

    • 1. Windows 7 AppCompat
      Lynn Langit
      http://blogs.msdn.com/SoCalDevGal
      Microsoft – Developer Evangelist
    • 2. Windows 7 Builds on Windows Vista
      Few Changes: Most software that runs on Windows Vista® will run on Windows® 7 – exceptions will be low-level code (AV, Firewall, Imaging, etc.).
      Hardware that runs Windows Vista well will run Windows 7 well.
      Few Changes: Focus on quality and reliability improvements
      Deep Changes: New models for security, drivers, deployment, and networking
    • 3. AppCompat & LightUp
    • From XP to Windows 7
      http://code.msdn.microsoft.com/XP2Win7
    • 19. The Application
      Image Viewer
      WPF Application
      Runs on XP, Vista, Win7
      On XP basic functionality with no special OS features
      Manually Create album
      Crawler (expensive) Service searching images
      Change Skin
      Reset DB / Reset configuration
      Lights Up on Windows 7
    • 20. Application Running on XP
    • 21. The Application Running on 7
      Enhancing an existing Windows XP application with Windows 7 features
      IO Background Priority
      Libraries
      Trigger Start Services
      Power Management
      Command Links
      Scheduled Tasks
      PowerShell 2
      Windows 7 Multitouch
      Windows 7 Sensors
      Other…
      Application Restart and Recovery
      Preview Handlers
      Windows Search
      Windows 7 Event Tracing
      User Account Control
      Windows 7 Taskbar
      Transactional NTFS
      Microsoft Management Console Snap-In
    • 22. Application Running on 7
    • 23. Demo
      Photo Viewer on Windows 7
    • 24. Compat - New Folder Locations
      “My Documents” folder structure has changed
      The user data is now stored in: ‘usersusername%’ folder structure
      Pictures, Music, Documents, Desktop, and Favorites are all new folders directly under this structure
      The “My “ prefix was dropped from Documents, Music, etc.
      “All Users” became “Public” and “ProgramData”
      My Documents still exist as directory junction
      Use the SHGetKnownFolderPath APIs
    • 25. Compat - Application Data Best Practices
      Where to put your data:
      Place per-user configuration data into %LOCALAPPDATA% (Roaming into %APPDATA%)
      Place Per-Machine (Shared) configuration data into %ALLUSERSPROFILE% (e.g. c:ProgramData)
      Per-Machine (Shared) user documents into %PUBLIC%
      Per user documents go to %USERPROFILE%
    • 26. Compat - User Account Control
      • Applications run as Standard User by default
      • 27. Standard User has some permissions
      • 28. Run most applications
      • 29. Change per user settings
      • 30. Standard User can NOT do many things
      • 31. Install applications
      • 32. Change system components
      • 33. Change per machine settings
      • 34. Admin “privileges”
    • Windows UAC
      All users run as Standard User by default
      • Filtered token created during logon
      Only specially marked apps get the unfiltered token
      Explicit consent required for elevation
      • Predictable shell elevation paths
      High application compatibility
      • Data redirection
      Enabling legacy apps to run as standard user
      • Installer Detection
    • UAC Architecture
      Abby
      Standard User Rights
      Administrative Rights
      Admin logon
      Admin Token
      “Standard User” Token
    • 35. UAC Architecture
      Abby
      User Process
      Standard User Privilege
      Standard User Rights
      Administrative Rights
      Standard User Mode
    • 41. UAC Architecture
      Abby
      User Process
      Change Time
      Standard User Privilege
      Admin Privilege
      Admin Privilege
      Admin Privilege
      Admin Process
      Configure IIS
      Admin Process
      Install Application
      Admin Process
      Standard User Rights
      Administrative Rights
      Admin Privileges
    • 47. Consent UI
      OS Application
      Unsigned Application
      Signed Application
    • 48. Credential UI
    • 49. UAC Split Tokens
      Demo
    • 50. Designing for UAC
      1st Choice: Make application run as Standard User only
      2nd Choice: Clearly identify Administrative tasks
      Ensure Standard users can be fully productive
      Identify tasks that need elevation with a “shield”
    • 51. UX: The Shield
      Attached to controls to indicate that elevation is required to use their associated feature
      Has only one state (i.e. no hover, disabled etc.)
      Does not remember elevated state
      Not an unlock operation
      Can be programmatically set:
      HICON shieldIcon = LoadIcon(NULL, IDI_SHIELD)
      SendMessage(button, BCM_SETSHIELD, 0, TRUE) or using the macro in Commctrl.h:
      Button_SetElevationRequiredState(commandLink, TRUE)
    • 52. Security Shield UI Examples
    • 53. Application Manifests
      Vista-aware applications embed an XML manifest
      Manifest contains a RequestedExecutionLevel:
    • 54. Finding/Solving UAC Issues
      Do you?
      Write to Program Files, Windows, System32, HKLM/Software, or Root?
      Create anything “globally”
      UseWindows messages between isolation levels
      Try
      Running the application “As Administrator”
      Testing with UAC off
      Tools
      Process Monitor
      Standard User Analyzer
    • 55. Windows Services Basics
      Started and managed by Service Control Manager
      Controlled by SCM
      Starting and stopping services
      Disabled, Manual and Automatic
      Managing running services
      Maintaining service-related state information
      Started – Stopped - Paused
      Services can run in their own process or shared hosted process (e.g. svchost.exe)
    • 56. Services and Security
      Attractions for malware
      May be configured to auto start on boot
      Potential to run from boot without using well known auto-start methods
      Often run in highly privileged contexts
      As mentioned, runs outside of UAC and enables app to potentially take control of UAC behavior (e.g. MSI)
      Services can run in their own process or shared hosted process
    • 57. Sessions in XP/W2K/WS03
      Session 0
      Window Station
      Desktop
      Services
      Shatter Attack
      1st User’sWindow
      1st User’sWindow
      1st User’sWindow
      Screen Saver
      Login
    • 58. Sessions in Win7/Vista/Windows 2008
      Session 0
      Session 1
      Window Station
      Window Station
      Desktop
      Desktop
      Service
      1st User’sWindow
      1st User’sWindow
      Service
      1st User’sWindow
      Screen Saver
      Login
      Secure
    • 59. Session 0 Isolation
      demo
    • 60. Service Hardening
      Windows XP services made great attack vectors:
      Running in shared session, usually w/high privilege
      Sometimes w/UI (interactive services)
      So we had Shatter Attacks
      good reasons to have Service Isolation in session 0 and Mandatory Integrity Control
      Windows Vista and 7
      Services run outside of UAC
      ISVs may be tempted to circumvent OS security
      The potential attack surface has lessened so services are a more attractive target
    • 61. Three Service Hardening Designs
      Services need to run least privileged
      Services can now have their own SID
      This can be used to lock down / sandbox the resources that the Service has access to
    • 62. Perf Enhance - Trigger Start Service
      New in Windows 7 - SCM registers for system events via interesting providers:
      Device arrival
      IP address
      Domain join and leave
      Group policy updates
      Custom Event Tracing for Windows event
      SCM starts or stops registered services:
      TabletInputService started only if digitizer is present
      StorSvc starts when group policy updates are applied, automatically stops
    • 63. Trigger Start Examples
    • 64. Service or Scheduled Task?
      • Continuous activity from boot to shutdown
      • 65. Service Control Manager (SCM) programming model
      • 66. Can specify dependency
      • 67. Short duration action
      • 68. Idle activity
      • 69. Take action on user login
      • 70. Standalone executable or out-of-process COM server
      • 71. Generally execute in user session
      Windows Service
      Scheduled Task
    • 72. Compat - Operating System Version
      Windows 7 is … Windows 6.1? (for Vista Compat)
      dwMajorVersion stays the same
      dwMinorVersion changes
      Remediation
      Check for features, not versions
      If checking for version, then use the > key (check the OS version as >= so that your app can work on future releases of the OS)
      Version lies
    • 73. Compatibility Tab
      Layers
    • 74. Shim Application
      Implements Windows API hooks
      Shim engine is responsible for applying the shims
    • 75. How Shims are Loaded
      Shims are applied per executable
      Shim engine
      applies
      API hooks
      Run initialization
      routines
      Loader maps executable and statically linked DLLs
      into memory
    • 76. Compat – Misc Regressions
      • Removal of Windows Mail
      • 77. Removal of Windows Movie Maker
      • 78. NLS Sorting Changes
      • 79. Internet Explorer 8 - User Agent String
      • 80. Removal of Windows Registry Reflection
      • 81. Removal of WPDUSB.SYS Driver for Windows Portable Devices
      • 82. Microsoft Message Queuing (MSMQ)
    • Problem Step Recorder
      %windir%system32psr.exe
      Allows testers and users to track, step by step, exactly what an application is doing, creating an .mht file with screenshots illustrating the bug reproduction
      Creates a .zip file containing an .mht file
      Integrated with Dr. Watson for Windows
    • 83. This Was Very Surprising To Us…
      Users with Max Resolution of 1600X1200
      Details
      Almost half of all of users are not configuring their display to maximum resolution (!)
      Users are lowering their screen resolution to get larger text…
    • 84. High DPI - Why Do We Care?
      Non-native resolution negates the value of high fidelity displays
      Text looks blurry because ClearType requires native resolution
      Can’t display native high def content
      720p high definition video requires 1280x720 resolution
      1080p requires 1920x1080
      1.9 megapixel photos requires 1600x1200 native
      Many people accidentally select a non-native aspect ratio
      Pixilated Content does not take advantage of the display
      Non-native aspect Ratio Settings “Squishes” Content
    • 85. High DPI Issues
      Clipped Text
      Layout Issues & Image Size Issues
      WinForms Issues
      Pixilated Bitmaps
      Blurry UI
      Mismatched Font Sizes
    • 86. Graphics Improvements in Windows 7
      New
    • 87. Graphics APIs for Rich Client Applications
    • 88. DirectX: When the application needs control over features and performance
      WPF: When the application needs richness but needs to be built quickly and there is no need for fine grained control over hw performance and features
      GDI: When the application needs to work on all Microsoft OSs and the lowest common denominator functionality is sufficient
      When to use which API
      Increasing HW Exploitiveness
    • 89. Advancing the platform
    • 90. Direct3D
      Segoe UI
      DirectWrite
      Direct2D
      Windows 7 DWM memory consumption is cut by 50% per window
      Take advantage of the GPU’s computation power
      High-DPI support & High Color
      Windows 7 DWM uses Direct3D10.1 API
      DXVA & WIC
      Graphic Improvements
    • 91. Direct2D And DirectWrite
      New APIs in Windows 7
      Win32 developers
      Interoperability
      Usable in service context
      Direct2D
      2D graphics rendering tasks
      Increased performance and visual quality
      DirectWrite
      Vertical stack for text services
      Fonts, Script Processing, Layout
    • 92. Direct2D: New in Windows 7
      Rendering Focused Immediate Mode API:
      2D Vectors & Geometry, Bitmaps & Text
      Hardware & Software Pipelines
      Built for Performance on Direct3D 10.1
      Interoperable with Direct3D & GDI
      High Quality Rendering:
      Per Primitive Anti-Aliasing & MSAA via Direct3D
      Remoted via Direct3D 10.1
      Printing support via XPS
    • 93. Direct2D Performance
      demo
    • 94. DirectWrite
      Modern Typography
      Enables world-wide applications
      ClearType advances
      Works with any rendering technology
      Hardware accelerated via Direct2D
      Best reading experience for the PC
    • 95. Gabriola
    • 96. DirectWrite
      demo
    • 97. Call to Action: Fundamentals
    • 98. Windows 7 Readiness Programs
      Make sure your applications work with Windows 7
      Allow MS to tell our customers about your Apps
      Publish your support policy for Windows 7
      List your solutions on the Compatibility Center
      Get the Windows 7 Logo
      Focused on Compatible Applications
      Simple Process – No 3rd party testing required
      http://connect.microsoft.com/InvitationUse.aspx?ProgramID=2872&SiteID=704&InvitationID=Win7-K86V-HW3G
    • 99. Resources
      Cookbooks
      “Application Compatibility Cookbook”
      “Windows 7 Application Quality Cookbook”
      MSDN Application Compatibility: http://msdn.microsoft.com/en-us/windows/aa904987.aspx
      TechNet Windows Application Compatibility: http://technet.microsoft.com/en-us/desktopdeployment/bb414773.aspx
      DevReadiness.org
      Channel 9: http://channel9.msdn.com/tags/Application+Compatibility/
    • 100. Track Resources
      Windows 7 RC Training for Developers
      Windows content on Channel 9 
      Windows 7 Developer Center on MSDN
      Windows Application Compatibility Roadmap
      Windows 7 Blog for Developers
      My blog series – http://blogs.msdn.com/SoCalDevGal#Win7DevSeries
      My MSDN show – MSDN geekSpeak
      My Facebook group ‘Windows 7 Developers’
      Links, Video & Screencasts
    • 101. Related Content
      Breakout Sessions
      WCL201 Developing for Windows 7
      WCL301 Windows Application Readiness for Developers
      WCL302 Optimizing Your Application for the Windows 7 User Experience
      Whiteboard Session
      WTB215 Windows Client Development Discussion
      Hands-on Lab
      WCL08-HOL Windows 7: Mitigating Application Issues Using Shims
    • 102. Tech·Ed Africa 2009 sessions will be made available for download the week after the event from: www.tech-ed.co.za
      www.microsoft.com/teched
      International Content & Community
      www.microsoft.com/learning
      Microsoft Certification & Training Resources
      http://microsoft.com/technet
      Resources for IT Professionals
      http://microsoft.com/msdn
      Resources for Developers
      Resources
    • 103. Required Slide
      10 pairs of MP3 sunglasses to be won
      Complete a session evaluation and enter to win!
    • 104. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
      The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

    ×