Mark E. Russinovich (1966) is a software engineer and software architect for Microsoft.
He was born in Salamanca, Spain in 1966 and was raised in Birmingham, AL, until he was 15, and then moved to Pittsburgh, PA with his family. His father was a radiologist and his mother was a business administrator of his father's radiology practice in Pittsburgh.
When Mark began taking an interest in programming at age 15, he bought himself his first computer, a TI99/4A. About six months later his parents bought him an Apple II+ from his local high school when it upgraded the computer labs to Apple IIe's.
Mark went on to earn his Ph.D. in computer engineering in 1994 from Carnegie Mellon University.
He joined Microsoft in 2006 when it acquired Winternals Software, the company he cofounded in 1996 and where he worked as Chief Software Architect. He is also cofounder of Sysinternals.com, where he wrote and published dozens of popular Windows administration and diagnostic utilities including Filemon, Regmon, Process Explorer and RootkitRevealer. He previously worked at IBM's Thomas J. Watson Research Center, researching operating system support for Web server acceleration and serving as an operating systems expert.
In his role as an author, he is a regular contributor to TechNet Magazine and Windows IT Pro magazine (previously called Windows NT Magazine) on the subject of the Architecture of Windows 2000 and was co-author of Inside Windows 2000 (3rd edition). Russinovich is the author of many tools used by Windows NT and Windows 2000 kernel-mode programmers, and of the NTFS file system driver for DOS. He is widely regarded as a Windows expert.
Some of his work was done in collaboration with David A. Solomon and under the banner of Sysinternals which is also used by Bryce Cogswell. The commercial part of his work partly spun off to the company Winternals Software.
To meet the Microsoft Wiki's quality standards, this article or section may require cleanup. Please help by improving the article.
In 1996, Russinovich discovered that the alteration of two registry values in the Windows Registry of the Workstation edition of Windows NT 4 would allow the installation of Microsoft BackOffice products which were licensed only for the Server edition.
In 2005, Russinovich discovered the Sony rootkit in Sony DRM products. Its function was to prevent users from copying their media.
In 2006, Russinovich discovered a rootkit in a product of security software company Symantec. Symantec directly removed the rootkit.
Windows Metafile vulnerability
In January 2006, Russinovich again came to public attention when he analyzed the Windows Metafile vulnerability in Windows and concluded that it was not a deliberate backdoor. This possibility had been raised — albeit tentatively — by Steve Gibson after a cursory investigation of the nature of the exploit and its mechanism.
- Solomon, David; Mark Russinovich (September 16, 2000). Inside Microsoft Windows 2000 ((Third Edition) ed.). Microsoft Press. ISBN 0-7356-1021-5.
- Russinovich, Mark; David Solomon (December 8, 2004). Microsoft Windows Internals ((Fourth Edition) ed.). Microsoft Press. ISBN 0-7356-1917-4.
- Russinovich, Mark; David Solomon, Alex Ionescu (June 17, 2009). Microsoft Windows Internals ((Fifth Edition) ed.). Microsoft Press. ISBN 0-7356-2530-1.
- Russinovich, Mark (October 1997). "Inside NT's Object Manager". Windows IT Pro. http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=299.
- Russinovich, Mark (December 1998). "NT vs.UNIX: Is One Substantially Better". Windows IT Pro. http://www.windowsitpro.com/Articles/Index.cfm?IssueID=97&ArticleID=4500.
- Russinovich, Mark (June 1999). "Inside Encrypting File System, Part 1". Windows IT Pro. http://www.windowsitpro.com/Articles/Index.cfm?ArticleID=5387&Key=Internals.
- Russinovich, Mark (February 2007). "Inside the Windows Vista Kernel: Part 1". TechNet Magazine. http://www.microsoft.com/technet/technetmag/issues/2007/02/VistaKernel/.
- Russinovich, Mark (March 2007). "Inside the Windows Vista Kernel: Part 2". TechNet Magazine. http://www.microsoft.com/technet/technetmag/issues/2007/03/VistaKernel/.
- Russinovich, Mark (April 2007). "Inside the Windows Vista Kernel: Part 3". TechNet Magazine. http://www.microsoft.com/technet/technetmag/issues/2007/04/VistaKernel/.
- Russinovich, Mark (June 2007). "Inside Windows Vista User Account Control". TechNet Magazine. http://www.microsoft.com/technet/technetmag/issues/2007/06/UAC/.
- Russinovich, Mark (July 2009). "Inside Windows 7 User Account Control". TechNet Magazine. http://technet.microsoft.com/en-us/magazine/2009.07.uac.aspx.
- Russinovich, Mark (November 2006). "Windows Vista Kernel Changes". Microsoft TechEd IT Forum 2006. http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=340.
- Russinovich, Mark (November 2006). "Advanced Malware Cleaning". Microsoft TechEd IT Forum 2006. http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=359.
- Russinovich, Mark (November 2006). "Advanced Windows Troubleshooting with Sysinternals Process Monitor". Microsoft TechEd IT Forum 2006. http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=346.
- Russinovich, Mark (November 2006). "Windows Vista User Account Control Internals". Microsoft TechEd IT Forum 2006. http://www.microsoft.com/emea/itsshowtime/sessionh.aspx?videoid=360.
- Andrew Schulman (1996-09-16). "Differences Between NT Server and Workstation Are Minimal". O'Reilly and Associates. http://www.oreilly.com/news/differences_nt.html. Retrieved 2005-11-16.
- Steve Gibson (2006-01-12). "grc.news.feedback". Gibson Research Corporation. http://12078.net/grcnews/article.php?group=grc.news.feedback&id=60006. Retrieved 2007-11-06. "The only conclusion that can reasonably be drawn is that this was a deliberate backdoor put into all of Microsoft's recent editions of Windows."
- Mark Russinovich
- Technical Leader Mark Russinovich
- Mark's TechNet blog
- Video interview with Mark in his office at Microsoft on TechNet Edge
- Mark's public event/session videos on Microsoft IT's Showtime! by TechNet
- Original Article on Sony's rootkit
- Inside the WMF backdoor
- Windows Sysinternals Tools written by Mark Russinovich
- Symantec Norton Protected Recycle Bin Exposure
- Official List of Microsoft Technical Fellows