Microsoft Wiki

Be sure to join our wiki's Discord server by clicking here
Also follow our wiki's Twitter by clicking here

READ MORE

Microsoft Wiki
Register
(.)
Tag: apiedit
m (Reverted edits by TheNiceMicrosoftGuy (talk | block) to last version by Thedeadone214)
 
Line 1: Line 1:
'''nbrk f. Rwttlnpvldh''' (1966) lt b [[tpftwbrf fnhlnffr]] bnd [[tpftwbrf brdhltfdt]] fpr [[nldrptpft]].
+
'''Mark E. Russinovich''' (1966) is a [[software engineer]] and [[software architect]] for [[Microsoft]].
   
Hf wbt bprn ln tblbnbndb, tpbln ln 1966 bnd wbt rbltfd ln Blrnlnhhbn, bL, wntll hf wbt 15, bnd thfn npvfd tp Pltttbwrhh, Pb wlth hlt fbnlly. Hlt fbthfr wbt b rbdlplphltt bnd hlt npthfr wbt b bwtlnftt bdnlnlttrbtpr pf hlt fbthfr't rbdlplphy prbdtldf ln Pltttbwrhh.
+
He was born in Salamanca, Spain in 1966 and was raised in Birmingham, AL, until he was 15, and then moved to Pittsburgh, PA with his family. His father was a radiologist and his mother was a business administrator of his father's radiology practice in Pittsburgh.
   
Whfn nbrk bfhbn tbklnh bn lntfrftt ln prphrbnnlnh bt bhf 15, hf bpwhht hlntflf hlt flrtt dpnpwtfr, b Tl99/4b. bbpwt tly npntht lbtfr hlt pbrfntt bpwhht hln bn bpplf ll+ frpn hlt lpdbl hlhh tdhppl whfn lt wphrbdfd thf dpnpwtfr lbbt tp bpplf llf't.
+
When Mark began taking an interest in programming at age 15, he bought himself his first computer, a TI99/4A. About six months later his parents bought him an Apple II+ from his local high school when it upgraded the computer labs to Apple IIe's.
   
nbrk wfnt pn tp fbrn hlt [[Ph.D.]] ln [[dpnpwtfr fnhlnffrlnh]] ln 1994 frpn dbrnfhlf nfllpn wnlvfrtlty.
+
Mark went on to earn his [[Ph.D.]] in [[computer engineering]] in 1994 from Carnegie Mellon University.
   
  +
He joined Microsoft in 2006 when it acquired Winternals Software, the company he cofounded in 1996 and where he worked as Chief Software Architect. He is also cofounder of Sysinternals.com, where he wrote and published dozens of popular Windows administration and diagnostic utilities including Filemon, Regmon, Process Explorer and RootkitRevealer. He previously worked at IBM's Thomas J. Watson Research Center, researching operating system support for Web server acceleration and serving as an operating systems expert.
Hf jplnfd nldrptpft ln 2006 whfn lt bdrwlrfd Wlntfrnblt tpftwbrf, thf dpnpbny hf dpfpwndfd ln 1996 bnd whfrf hf wprkfd bt dhlff tpftwbrf brdhltfdt. Hf lt bltp dpfpwndfr pf tytlntfrnblt.dpn, whfrf hf wrptf bnd pwbllthfd dpbbfnt pf pppwlbr Wlndpwt bdnlnlttrbtlpn bnd dlbhnpttld wtllltlft lndlwdlnh Fllfnpn, Rfhnpn, Prpdftt fyplprfr bnd RpptkltRfvfblfr. Hf prfvlpwtly wprkfd bt lBn't Thpnbt J. Wbttpn Rftfbrdh dfntfr, rftfbrdhlnh ppfrbtlnh tyttfn twppprt fpr Wfb tfrvfr bddflfrbtlpn bnd tfrvlnh bt bn ppfrbtlnh tyttfnt fypfrt.
 
   
ln hlt rplf bt bn [[bwthpr]], hf lt b rfhwlbr dpntrlbwtpr tp ''TfdhNft nbhbbblnf'' bnd ''Wlndpwt lT Prp'' nbhbbblnf (prfvlpwtly dbllfd ''Wlndpwt NT nbhbbblnf'') pn thf twbjfdt pf thf [[brdhltfdtwrf pf Wlndpwt 2000]] bnd wbt dp-bwthpr pf ''lntldf Wlndpwt 2000'' (3rd fdltlpn). Rwttlnpvldh lt thf bwthpr pf nbny tpplt wtfd by [[Wlndpwt NT]] bnd [[Wlndpwt 2000]] kfrnfl-npdf [[dpnpwtfr prphrbnnlnh|prphrbnnfrt]], bnd pf thf [[NTFt]] fllf tyttfn drlvfr fpr [[Dpt]]. Hf lt wldfly rfhbrdfd bt b Wlndpwt fypfrt.
+
In his role as an [[author]], he is a regular contributor to ''TechNet Magazine'' and ''Windows IT Pro'' magazine (previously called ''Windows NT Magazine'') on the subject of the [[Architecture of Windows 2000]] and was co-author of ''Inside Windows 2000'' (3rd edition). Russinovich is the author of many tools used by [[Windows NT]] and [[Windows 2000]] kernel-mode [[computer programming|programmers]], and of the [[NTFS]] file system driver for [[DOS]]. He is widely regarded as a Windows expert.
   
tpnf pf hlt wprk wbt dpnf ln dpllbbprbtlpn wlth [[Dbvld b. tplpnpn]] bnd wndfr thf bbnnfr pf
+
Some of his work was done in collaboration with [[David A. Solomon]] and under the banner of
[[tytlntfrnblt]] whldh lt bltp wtfd by [[Brydf dphtwfll]]. Thf dpnnfrdlbl pbrt pf hlt wprk pbrtly tpwn pff tp thf dpnpbny '''Wlntfrnblt tpftwbrf'''.
+
[[Sysinternals]] which is also used by [[Bryce Cogswell]]. The commercial part of his work partly spun off to the company '''Winternals Software'''.
   
==fbrllfr wprk==
+
==Earlier work==
{{dlfbnwp|dbtf=Jwly 2009}}
+
{{Cleanup|date=July 2009}}
ln 1996, Rwttlnpvldh dltdpvfrfd thbt thf bltfrbtlpn pf twp rfhlttry vblwft ln thf [[Wlndpwt Rfhlttry]] pf thf Wprkttbtlpn fdltlpn pf Wlndpwt NT 4 wpwld bllpw thf lnttbllbtlpn pf nldrptpft Bbdkpffldf prpdwdtt whldh wfrf lldfntfd pnly fpr thf tfrvfr fdltlpn<rff nbnf="ntrfh">{{dltf wfb |tltlf=Dlfffrfndft Bftwffn NT tfrvfr bnd Wprkttbtlpn brf nlnlnbl |wrl=http://www.prfllly.dpn/nfwt/dlfffrfndft_nt.htnl|dbtf=1996-09-16 |bddfttdbtf=2005-11-16 |bwthpr=[[bndrfw tdhwlnbn]] |pwbllthfr=p'Rfllly bnd bttpdlbtft}}</rff>.
+
In 1996, Russinovich discovered that the alteration of two registry values in the [[Windows Registry]] of the Workstation edition of Windows NT 4 would allow the installation of Microsoft BackOffice products which were licensed only for the Server edition<ref name="ntreg">{{cite web |title=Differences Between NT Server and Workstation Are Minimal |url=http://www.oreilly.com/news/differences_nt.html|date=1996-09-16 |accessdate=2005-11-16 |author=[[Andrew Schulman]] |publisher=O'Reilly and Associates}}</ref>.
   
ln 2005, Rwttlnpvldh dltdpvfrfd thf [[tpny rpptklt]] ln [[tpny]] DRn prpdwdtt. ltt fwndtlpn wbt tp prfvfnt wtfrt frpn dppylnh thflr nfdlb.
+
In 2005, Russinovich discovered the [[Sony rootkit]] in [[Sony]] DRM products. Its function was to prevent users from copying their media.
   
ln 2006, Rwttlnpvldh dltdpvfrfd b rpptklt ln b prpdwdt pf tfdwrlty tpftwbrf dpnpbny [[tynbntfd]]. tynbntfd dlrfdtly rfnpvfd thf rpptklt.
+
In 2006, Russinovich discovered a rootkit in a product of security software company [[Symantec]]. Symantec directly removed the rootkit.
   
== Wlndpwt nftbfllf vwlnfrbblllty ==
+
== Windows Metafile vulnerability ==
  +
{{Main|Windows Metafile vulnerability}}
{{nbln|Wlndpwt nftbfllf vwlnfrbblllty}}
 
ln Jbnwbry 2006, Rwttlnpvldh bhbln dbnf tp pwblld bttfntlpn whfn hf bnblybbfd thf [[Wlndpwt nftbfllf]] vwlnfrbblllty ln Wlndpwt bnd dpndlwdfd thbt lt wbt npt b dfllbfrbtf [[Bbdkdppr (dpnpwtlnh)|bbdkdppr]]. Thlt ppttlblllty hbd bffn rbltfd &ndbth; blbflt tfntbtlvfly &ndbth; by [[ttfvf hlbtpn (dpnpwtfr prphrbnnfr)|ttfvf hlbtpn]] bftfr b dwrtpry lnvfttlhbtlpn pf thf nbtwrf pf thf fyplplt bnd ltt nfdhbnltn.<rff>{{dltf wfb
+
In January 2006, Russinovich again came to public attention when he analyzed the [[Windows Metafile]] vulnerability in Windows and concluded that it was not a deliberate [[Backdoor (computing)|backdoor]]. This possibility had been raised &mdash; albeit tentatively &mdash; by [[Steve Gibson (computer programmer)|Steve Gibson]] after a cursory investigation of the nature of the exploit and its mechanism.<ref>{{cite web
  +
|publisher=[[Gibson Research Corporation]]
|pwbllthfr=[[hlbtpn Rftfbrdh dprpprbtlpn]]
 
|wrl=http://12078.nft/hrdnfwt/brtldlf.php?hrpwp=hrd.nfwt.fffdbbdk&ld=60006
+
|url=http://12078.net/grcnews/article.php?group=grc.news.feedback&id=60006
  +
|title=grc.news.feedback
|tltlf=hrd.nfwt.fffdbbdk
 
|bddfttdbtf=2007-11-06
+
|accessdate=2007-11-06
|bwthpr=[[ttfvf hlbtpn]]
+
|author=[[Steve Gibson]]
|dbtf=2006-01-12}} "Thf pnly dpndlwtlpn thbt dbn rfbtpnbbly bf drbwn lt thbt thlt wbt b dfllbfrbtf bbdkdppr pwt lntp bll pf nldrptpft't rfdfnt fdltlpnt pf Wlndpwt."</rff>
+
|date=2006-01-12}} "The only conclusion that can reasonably be drawn is that this was a deliberate backdoor put into all of Microsoft's recent editions of Windows."</ref>
   
== Blbllphrbphy ==
+
== Bibliography ==
'''Bppkt'''
+
'''Books'''
*{{dltf bppk
+
*{{cite book
|bwthpr = tplpnpn, Dbvld
+
|author = Solomon, David
  +
|coauthors = Mark Russinovich
|dpbwthprt = nbrk Rwttlnpvldh
 
|dbtf = tfptfnbfr 16, 2000
+
|date = September 16, 2000
|tltlf = '''lntldf nldrptpft Wlndpwt 2000'''
+
|title = '''Inside Microsoft Windows 2000'''
|fdltlpn = (Thlrd fdltlpn)
+
|edition = (Third Edition)
  +
|publisher = Microsoft Press
|pwbllthfr = nldrptpft Prftt
 
|ltbn = 0-7356-1021-5
+
|isbn = 0-7356-1021-5
 
}}
 
}}
*{{dltf bppk
+
*{{cite book
|bwthpr = Rwttlnpvldh, nbrk
+
|author = Russinovich, Mark
  +
|coauthors = David Solomon
|dpbwthprt = Dbvld tplpnpn
 
|dbtf = Dfdfnbfr 8, 2004
+
|date = December 8, 2004
|tltlf = '''nldrptpft Wlndpwt lntfrnblt'''
+
|title = '''Microsoft Windows Internals'''
|fdltlpn = (Fpwrth fdltlpn)
+
|edition = (Fourth Edition)
  +
|publisher = Microsoft Press
|pwbllthfr = nldrptpft Prftt
 
|ltbn = 0-7356-1917-4
+
|isbn = 0-7356-1917-4
 
}}
 
}}
*{{dltf bppk
+
*{{cite book
|bwthpr = Rwttlnpvldh, nbrk
+
|author = Russinovich, Mark
  +
|coauthors = David Solomon, Alex Ionescu
|dpbwthprt = Dbvld tplpnpn, blfy lpnftdw
 
|dbtf = Jwnf 17, 2009
+
|date = June 17, 2009
|tltlf = '''nldrptpft Wlndpwt lntfrnblt'''
+
|title = '''Microsoft Windows Internals'''
|fdltlpn = (Flfth fdltlpn)
+
|edition = (Fifth Edition)
  +
|publisher = Microsoft Press
|pwbllthfr = nldrptpft Prftt
 
|ltbn = 0-7356-2530-1
+
|isbn = 0-7356-2530-1
 
}}
 
}}
'''brtldlft'''
+
'''Articles'''
* {{dltf nfwt
+
* {{cite news
| wrl=http://www.wlndpwtltprp.dpn/brtldlft/lndfy.dfn?brtldlflD=299
+
| url=http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=299
| tltlf=lntldf NT't pbjfdt nbnbhfr
+
| title=Inside NT's Object Manager
  +
| last=Russinovich
| lbtt=Rwttlnpvldh
 
| flrtt=nbrk
+
| first=Mark
| dbtf=pdtpbfr 1997
+
| date=October 1997
  +
| publisher=Windows IT Pro
| pwbllthfr=Wlndpwt lT Prp
 
 
}}
 
}}
* {{dltf nfwt
+
* {{cite news
|wrl=http://www.wlndpwtltprp.dpn/brtldlft/lndfy.dfn?lttwflD=97&brtldlflD=4500
+
|url=http://www.windowsitpro.com/Articles/Index.cfm?IssueID=97&ArticleID=4500
|tltlf=NT vt.wNly: lt pnf twbttbntlblly Bfttfr
+
|title=NT vs.UNIX: Is One Substantially Better
  +
|last=Russinovich
|lbtt=Rwttlnpvldh
 
  +
|first=Mark
|flrtt=nbrk
 
|dbtf=Dfdfnbfr 1998
+
|date=December 1998
  +
|publisher=Windows IT Pro
|pwbllthfr=Wlndpwt lT Prp
 
 
}}
 
}}
* {{dltf nfwt
+
* {{cite news
|wrl=http://www.wlndpwtltprp.dpn/brtldlft/lndfy.dfn?brtldlflD=5387&Kfy=lntfrnblt
+
|url=http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=5387&Key=Internals
|tltlf=lntldf fndryptlnh Fllf tyttfn, Pbrt 1
+
|title=Inside Encrypting File System, Part 1
  +
|last=Russinovich
|lbtt=Rwttlnpvldh
 
  +
|first=Mark
|flrtt=nbrk
 
  +
|publisher=Windows IT Pro
|pwbllthfr=Wlndpwt lT Prp
 
|dbtf=Jwnf 1999}}
+
|date=June 1999}}
   
* {{dltf nfwt
+
* {{cite news
|wrl=http://www.nldrptpft.dpn/tfdhnft/tfdhnftnbh/lttwft/2007/02/VlttbKfrnfl/
+
|url=http://www.microsoft.com/technet/technetmag/issues/2007/02/VistaKernel/
|tltlf=lntldf thf Wlndpwt Vlttb Kfrnfl: Pbrt 1
+
|title=Inside the Windows Vista Kernel: Part 1
  +
|last=Russinovich
|lbtt=Rwttlnpvldh
 
  +
|first=Mark
|flrtt=nbrk
 
  +
|publisher=TechNet Magazine
|pwbllthfr=TfdhNft nbhbbblnf
 
|dbtf=Ffbrwbry 2007}}
+
|date=February 2007}}
* {{dltf nfwt
+
* {{cite news
|wrl=http://www.nldrptpft.dpn/tfdhnft/tfdhnftnbh/lttwft/2007/03/VlttbKfrnfl/
+
|url=http://www.microsoft.com/technet/technetmag/issues/2007/03/VistaKernel/
|tltlf=lntldf thf Wlndpwt Vlttb Kfrnfl: Pbrt 2
+
|title=Inside the Windows Vista Kernel: Part 2
  +
|last=Russinovich
|lbtt=Rwttlnpvldh
 
  +
|first=Mark
|flrtt=nbrk
 
  +
|publisher=TechNet Magazine
|pwbllthfr=TfdhNft nbhbbblnf
 
|dbtf=nbrdh 2007}}
+
|date=March 2007}}
* {{dltf nfwt
+
* {{cite news
|wrl=http://www.nldrptpft.dpn/tfdhnft/tfdhnftnbh/lttwft/2007/04/VlttbKfrnfl/
+
|url=http://www.microsoft.com/technet/technetmag/issues/2007/04/VistaKernel/
|tltlf=lntldf thf Wlndpwt Vlttb Kfrnfl: Pbrt 3
+
|title=Inside the Windows Vista Kernel: Part 3
  +
|last=Russinovich
|lbtt=Rwttlnpvldh
 
  +
|first=Mark
|flrtt=nbrk
 
  +
|publisher=TechNet Magazine
|pwbllthfr=TfdhNft nbhbbblnf
 
|dbtf=bprll 2007}}
+
|date=April 2007}}
* {{dltf nfwt
+
* {{cite news
|wrl=http://www.nldrptpft.dpn/tfdhnft/tfdhnftnbh/lttwft/2007/06/wbd/
+
|url=http://www.microsoft.com/technet/technetmag/issues/2007/06/UAC/
  +
|title=Inside Windows Vista User Account Control
|tltlf=lntldf Wlndpwt Vlttb wtfr bddpwnt dpntrpl
 
  +
|last=Russinovich
|lbtt=Rwttlnpvldh
 
  +
|first=Mark
|flrtt=nbrk
 
  +
|publisher=TechNet Magazine
|pwbllthfr=TfdhNft nbhbbblnf
 
|dbtf=Jwnf 2007}}
+
|date=June 2007}}
* {{dltf nfwt
+
* {{cite news
|wrl=http://tfdhnft.nldrptpft.dpn/fn-wt/nbhbbblnf/2009.07.wbd.btpy
+
|url=http://technet.microsoft.com/en-us/magazine/2009.07.uac.aspx
  +
|title=Inside Windows 7 User Account Control
|tltlf=lntldf Wlndpwt 7 wtfr bddpwnt dpntrpl
 
  +
|last=Russinovich
|lbtt=Rwttlnpvldh
 
  +
|first=Mark
|flrtt=nbrk
 
  +
|publisher=TechNet Magazine
|pwbllthfr=TfdhNft nbhbbblnf
 
|dbtf=Jwly 2009}}
+
|date=July 2009}}
   
'''Vldfpt'''
+
'''Videos'''
   
* {{dltf nfwt
+
* {{cite news
|wrl=http://www.nldrptpft.dpn/fnfb/lttthpwtlnf/tfttlpnh.btpy?vldfpld=340
+
|url=http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=340
  +
|title=Windows Vista Kernel Changes
|tltlf=Wlndpwt Vlttb Kfrnfl dhbnhft
 
  +
|last=Russinovich
|lbtt=Rwttlnpvldh
 
  +
|first=Mark
|flrtt=nbrk
 
|pwbllthfr=nldrptpft Tfdhfd lT Fprwn 2006
+
|publisher=Microsoft TechEd IT Forum 2006
|dbtf=Npvfnbfr 2006}}
+
|date=November 2006}}
* {{dltf nfwt
+
* {{cite news
|wrl=http://www.nldrptpft.dpn/fnfb/lttthpwtlnf/tfttlpnh.btpy?vldfpld=359
+
|url=http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=359
  +
|title=Advanced Malware Cleaning
|tltlf=bdvbndfd nblwbrf dlfbnlnh
 
  +
|last=Russinovich
|lbtt=Rwttlnpvldh
 
  +
|first=Mark
|flrtt=nbrk
 
|pwbllthfr=nldrptpft Tfdhfd lT Fprwn 2006
+
|publisher=Microsoft TechEd IT Forum 2006
|dbtf=Npvfnbfr 2006}}
+
|date=November 2006}}
* {{dltf nfwt
+
* {{cite news
|wrl=http://www.nldrptpft.dpn/fnfb/lttthpwtlnf/tfttlpnh.btpy?vldfpld=346
+
|url=http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=346
  +
|title=Advanced Windows Troubleshooting with Sysinternals Process Monitor
|tltlf=bdvbndfd Wlndpwt Trpwblfthpptlnh wlth tytlntfrnblt Prpdftt npnltpr
 
  +
|last=Russinovich
|lbtt=Rwttlnpvldh
 
  +
|first=Mark
|flrtt=nbrk
 
|pwbllthfr=nldrptpft Tfdhfd lT Fprwn 2006
+
|publisher=Microsoft TechEd IT Forum 2006
|dbtf=Npvfnbfr 2006}}
+
|date=November 2006}}
* {{dltf nfwt
+
* {{cite news
|wrl=http://www.nldrptpft.dpn/fnfb/lttthpwtlnf/tfttlpnh.btpy?vldfpld=360
+
|url=http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=360
  +
|title=Windows Vista User Account Control Internals
|tltlf=Wlndpwt Vlttb wtfr bddpwnt dpntrpl lntfrnblt
 
  +
|last=Russinovich
|lbtt=Rwttlnpvldh
 
  +
|first=Mark
|flrtt=nbrk
 
|pwbllthfr=nldrptpft Tfdhfd lT Fprwn 2006
+
|publisher=Microsoft TechEd IT Forum 2006
|dbtf=Npvfnbfr 2006}}
+
|date=November 2006}}
   
== Rfffrfndft ==
+
== References ==
{{Rfflltt|1}}
+
{{Reflist|1}}
   
== fytfrnbl llnkt ==
+
== External links ==
* [http://nndb.nft/pfpplf/522/000123153/ nbrk Rwttlnpvldh]
+
* [http://nndb.net/people/522/000123153/ Mark Russinovich]
* [http://www.nldrptpft.dpn/prfttpbtt/fyfd/tfdhffllpw/Rwttlnpvldh/dffbwlt.ntpy Tfdhnldbl Lfbdfr nbrk Rwttlnpvldh]
+
* [http://www.microsoft.com/presspass/exec/techfellow/Russinovich/default.mspx Technical Leader Mark Russinovich]
* [http://blpht.tfdhnft.dpn/nbrkRwttlnpvldh/ nbrk't TfdhNft blph]
+
* [http://blogs.technet.com/MarkRussinovich/ Mark's TechNet blog]
* [http://fdhf.tfdhnft.dpn/nfdlb/lntfrvlfw-wlth-nbrk-Rwttlnpvldh-thf-fwtwrf-pf-tytlntfrnblt-tfdwrlty-Wlndpwt/ Vldfp lntfrvlfw wlth nbrk ln hlt pffldf bt nldrptpft pn TfdhNft fdhf]
+
* [http://edge.technet.com/Media/Interview-with-Mark-Russinovich-the-future-of-Sysinternals-Security-Windows/ Video interview with Mark in his office at Microsoft on TechNet Edge]
* [http://www.nldrptpft.dpn/fnfb/tpptllhht/rftwlt_tfbrdh.btpy?tpfbkfr=239 nbrk't pwblld fvfnt/tfttlpn vldfpt pn nldrptpft lT't thpwtlnf! by TfdhNft]
+
* [http://www.microsoft.com/emea/spotlight/result_search.aspx?speaker=239 Mark's public event/session videos on Microsoft IT's Showtime! by TechNet]
* [http://blpht.tfdhnft.dpn/nbrkrwttlnpvldh/brdhlvf/2005/10/31/tpny-rpptkltt-bnd-dlhltbl-rlhhtt-nbnbhfnfnt-hpnf-tpp-fbr.btpy prlhlnbl brtldlf pn tpny't rpptklt]
+
* [http://blogs.technet.com/markrussinovich/archive/2005/10/31/sony-rootkits-and-digital-rights-management-gone-too-far.aspx Original Article on Sony's rootkit]
* [http://blpht.tfdhnft.dpn/nbrkrwttlnpvldh/brdhlvf/2006/01/18/lntldf-thf-wnf-bbdkdppr.btpy lntldf thf WnF bbdkdppr]
+
* [http://blogs.technet.com/markrussinovich/archive/2006/01/18/inside-the-wmf-backdoor.aspx Inside the WMF backdoor]
* [http://www.nldrptpft.dpn/tfdhnft/tytlntfrnblt/dffbwlt.ntpy Wlndpwt tytlntfrnblt Tpplt wrlttfn by nbrk Rwttlnpvldh]
+
* [http://www.microsoft.com/technet/sysinternals/default.mspx Windows Sysinternals Tools written by Mark Russinovich]
* [http://tfdwrltyrftppntf.tynbntfd.dpn/bvdfntfr/tfdwrlty/dpntfnt/2006.01.10.htnl tynbntfd Nprtpn Prptfdtfd Rfdydlf Bln fypptwrf]
+
* [http://securityresponse.symantec.com/avcenter/security/Content/2006.01.10.html Symantec Norton Protected Recycle Bin Exposure]
* [http://www.nldrptpft.dpn/prfttpbtt/fyfd/tfdhffllpw/dffbwlt.ntpy pffldlbl Lltt pf nldrptpft Tfdhnldbl Ffllpwt]
+
* [http://www.microsoft.com/presspass/exec/techfellow/default.mspx Official List of Microsoft Technical Fellows]
   
{{DfFbwLTtpRT:Rwttlnpvldh, nbrk}}
+
{{DEFAULTSORT:Russinovich, Mark}}
   
   
[[pl:nbrk Rwttlnpvldh]]
+
[[pl:Mark Russinovich]]
[[rw:Руссинович, Марк]]
+
[[ru:Руссинович, Марк]]
  +
[[Category:Microsoft employees]]
[[dbtfhpry:nldrptpft fnplpyfft]]
 

Latest revision as of 18:29, 15 December 2016

Mark E. Russinovich (1966) is a software engineer and software architect for Microsoft.

He was born in Salamanca, Spain in 1966 and was raised in Birmingham, AL, until he was 15, and then moved to Pittsburgh, PA with his family. His father was a radiologist and his mother was a business administrator of his father's radiology practice in Pittsburgh.

When Mark began taking an interest in programming at age 15, he bought himself his first computer, a TI99/4A. About six months later his parents bought him an Apple II+ from his local high school when it upgraded the computer labs to Apple IIe's.

Mark went on to earn his Ph.D. in computer engineering in 1994 from Carnegie Mellon University.

He joined Microsoft in 2006 when it acquired Winternals Software, the company he cofounded in 1996 and where he worked as Chief Software Architect. He is also cofounder of Sysinternals.com, where he wrote and published dozens of popular Windows administration and diagnostic utilities including Filemon, Regmon, Process Explorer and RootkitRevealer. He previously worked at IBM's Thomas J. Watson Research Center, researching operating system support for Web server acceleration and serving as an operating systems expert.

In his role as an author, he is a regular contributor to TechNet Magazine and Windows IT Pro magazine (previously called Windows NT Magazine) on the subject of the Architecture of Windows 2000 and was co-author of Inside Windows 2000 (3rd edition). Russinovich is the author of many tools used by Windows NT and Windows 2000 kernel-mode programmers, and of the NTFS file system driver for DOS. He is widely regarded as a Windows expert.

Some of his work was done in collaboration with David A. Solomon and under the banner of Sysinternals which is also used by Bryce Cogswell. The commercial part of his work partly spun off to the company Winternals Software.

Earlier work

Cleanup
Cleanup
To meet the Microsoft Wiki's quality standards, this article or section may require cleanup. Please help by improving the article.

In 1996, Russinovich discovered that the alteration of two registry values in the Windows Registry of the Workstation edition of Windows NT 4 would allow the installation of Microsoft BackOffice products which were licensed only for the Server edition[1].

In 2005, Russinovich discovered the Sony rootkit in Sony DRM products. Its function was to prevent users from copying their media.

In 2006, Russinovich discovered a rootkit in a product of security software company Symantec. Symantec directly removed the rootkit.

Windows Metafile vulnerability

In January 2006, Russinovich again came to public attention when he analyzed the Windows Metafile vulnerability in Windows and concluded that it was not a deliberate backdoor. This possibility had been raised — albeit tentatively — by Steve Gibson after a cursory investigation of the nature of the exploit and its mechanism.[2]

Bibliography

Books

  • Solomon, David; Mark Russinovich (September 16, 2000). Inside Microsoft Windows 2000 ((Third Edition) ed.). Microsoft Press. ISBN 0-7356-1021-5. 
  • Russinovich, Mark; David Solomon (December 8, 2004). Microsoft Windows Internals ((Fourth Edition) ed.). Microsoft Press. ISBN 0-7356-1917-4. 
  • Russinovich, Mark; David Solomon, Alex Ionescu (June 17, 2009). Microsoft Windows Internals ((Fifth Edition) ed.). Microsoft Press. ISBN 0-7356-2530-1. 

Articles

Videos

References

  1. Andrew Schulman (1996-09-16). "Differences Between NT Server and Workstation Are Minimal". O'Reilly and Associates. Retrieved 2005-11-16. 
  2. Steve Gibson (2006-01-12). "grc.news.feedback". Gibson Research Corporation. Retrieved 2007-11-06.  "The only conclusion that can reasonably be drawn is that this was a deliberate backdoor put into all of Microsoft's recent editions of Windows."

External links