Tag: Microsoft

Microsoft WinHEC Taipei 2017

~ hucktech ~ Leave a comment

Welcome to WinHEC June 2017 Registration
The Windows Hardware Engineering Community (WinHEC) is where technical experts from around the world, and Microsoft, come together to make Windows great for every customer. Our next WinHEC event is June 14th and 15th in Taipei, Taiwan. The workshop will feature sessions and a lab for developers, product managers and planners to help prepare for Windows 10 S and to showcase the benefits of adopting key hardware features. Presentations will include: Introduction to Universal Drivers, Universal Developer Center for Hardware and Driver Servicing, Driver Flighting end-to-end, Windows Ink, Windows 10 Mixed Reality, Designing and Optimizing for Long Battery Life and Responsive Windows Devices, Windows Hello, and Developer Platform Updates. We will also have a guided, hands-on lab to explore and practice the concepts covered in the Introduction to Universal Driver session.

https://www.microsoftevents.com/profile/form/index.cfm?PKformID=0x19594336ecd

 

Microsoft updates bug bounty details

~ hucktech ~ Leave a comment

Microsoft updates it’s bug bounties:

https://technet.microsoft.com/en-us/security/mt784431

https://technet.microsoft.com/en-us/library/dn425049.aspx

Absolute seeks OEM Business Development Director

~ hucktech ~ Leave a comment

It is an exciting time for the Absolute and Microsoft partnership!  Absolute’s placement in Windows device firmware provides a truly unique position within the Microsoft partner ecosystem. We continue to strengthen this relationship by opening new doors of engagement through our recent product integration announcements. To further support the relationship, we are looking for a tenured Business Development Director[…]

http://jobs.jobvite.com/absolute/job/oarf5fwF

Windows Internals new edition out

~ hucktech ~ Leave a comment

https://twitter.com/aionescu/status/862741520301965312

http://www.alex-ionescu.com/?p=335

https://blogs.msdn.microsoft.com/microsoft_press/2017/05/09/new-book-windows-internals-seventh-edition-part-1/

https://www.microsoftpressstore.com/store/windows-internals-part-1-system-architecture-processes-9780735684188

 

 

 

 

 

 

 

Wow, this book has gone a long way from “Inside Windows NT” by Helen Custer, the original author:

http://dl.acm.org/citation.cfm?id=138407

https://archive.org/details/insidewindowsnt00solo

Microsoft Windows 10 UEFI training video

~ hucktech ~ Leave a comment

Micosoft has a training video for network administrators that includes some UEFI security topics:

https://mva.microsoft.com/en-US/training-courses/windows-10-security-in-real-life-17127?l=Xz1vNy5XD_104300474

AMI adds RNDIS Network Driver Support in Aptio V

~ hucktech ~ Leave a comment

American Megatrends Inc. (AMI), a global leader in BIOS and UEFI firmware, server and remote management tools, data storage products and unique solutions based on the Linux® and Android™ operating systems is proud to announce Remote NDIS (RNDIS) network driver support for Aptio V UEFI Firmware. The Remote Network Driver Interface Specification (RNDIS) is a Microsoft® specification that allows for remote communication between a host server and RNDIS network device connected using a USB cable. RNDIS messages are sent via the host server to the RNDIS device and the host server can provide support for multiple networking devices connected to a USB bus. The support for RNDIS devices in Aptio V is convenient for hardware vendors because with the standardized interface of RNDIS, the need to develop drivers to support USB LAN adapters conforming to RNDIS specification is eliminated. OEMs including the RNDIS network driver in the BIOS allow end users to plug and play with RNDIS supported USB LAN adapters. Aptio V RNDIS network driver also allows the BIOS to communicate with the Baseboard Management Controller (BMC) that supports the RNDIS specification, commonly referred to as LAN over USB.[…]

https://ami.com/en/news/press-releases/?PressReleaseID=389

 

 

Windows 10 new preboot security features

~ hucktech ~ Leave a comment

There’s a few new preboot-related features in recent builds of Microsoft Windows, excerpt of some of them below.

New features in Windows 10, version 1511:
* Credential Guard: Enable Credential Guard without UEFI lock. You can enable Credential Guard by using the registry. This allows you to disable Credential Guard remotely. However, we recommend that Credential Guard is enabled with UEFI lock. You can configure this by using Group Policy.
* Bitlocker: DMA port protection. You can use the DataProtection/AllowDirectMemoryAccess MDM policy to block DMA ports when the device is starting up. Also, when a device is locked, all unused DMA ports are turned off, but any devices that are already plugged into a DMA port will continue to work. When the device is unlocked, all DMA ports are turned back on.
* Bitlocker: New Group Policy for configuring pre-boot recovery. You can now configure the pre-boot recovery message and recover URL that is shown on the pre-boot recovery screen. For more info, see the Configure pre-boot recovery message and URL section in “BitLocker Group Policy settings.”
* New BCD events: Event ID 4826 has been added to track the following changes to the Boot Configuration Database (BCD): DEP/NEX settings, Test signing, PCAT SB simulation, Debug, Boot debug, Integrity Services, Disable Winload debugging menu
* New PNP events:  Event ID 6416 has been added to track when an external device is detected through Plug and Play. One important scenario is if an external device that contains malware is inserted into a high-value machine that doesn’t expect this type of action, such as a domain controller.
* TPM: Key Storage Providers (KSPs) and srvcrypt support elliptical curve cryptography (ECC).
* TPM: The following sections describe the new and changed functionality in the TPM for Windows 10: Device health attestation, Microsoft Passport support, Device Guard support, Credential Guard support […]

https://docs.microsoft.com/en-us/windows/whats-new/whats-new-windows-10-version-1507-and-1511
https://technet.microsoft.com/en-us/windows/release-info

Microsoft seeks U-Boot Linux firmware Engineer

~ hucktech ~ Leave a comment

Senior Software Engineer, Linux Firmware – CSI / Azure – Cloud Server Infrastructure
The Cloud Server Infrastructure Firmware Development (CSI-FW) team is responsible for server hardware definition, design and development of Server and Rack Infrastructure engineering for Microsoft’s online services. […] This role will be for a highly-motivated Firmware Engineer with a solid background in embedded system design using embedded Linux. […] Required Qualifications:
[…]
* Extensive knowledge of u-boot customization, Linux kernel internals and adding new hardware drivers
[…]

https://careers.microsoft.com/jobdetails.aspx?jid=282596

 

Microsoft MDT: moving from BIOS to UEFI

~ hucktech ~ Leave a comment

If you have a Windows box and are trying to convert MBR/BIOS installs to GPT/UEFI installs on ‘class 2’ systems, you might want to read this:

https://blogs.technet.microsoft.com/mniehaus/2017/04/14/moving-from-bios-to-uefi-with-mdt-8443/

 

Microsoft updates ACPI web page

~ hucktech ~ Leave a comment

Microsoft just updated an ACPI doc of theirs:

https://msdn.microsoft.com/en-us/windows/hardware/drivers/bringup/acpi-system-description-tables

It still refers to ACPI 5.0, while current ACPI version is at 6.1, though… No changelog, you’ll have to compare this against your archive of the old version of this web page. 🙂

Different results from reading the 3 URLs:
http://www.uefi.org/acpi_id_list
http://www.uefi.org/acpi
http://www.uefi.org/uefi-acpi-export (exports a spreadsheet)
http://www.uefi.org/specifications

If you use the search ability of the uefi.org site, eg:

http://www.uefi.org/ACPI_ID_List?search=microsoft

it only lists 3 tables. I’d expect it list WSMT, but it does not. Strange. Note that the ACPI search page says it was last updated 2016, so may not have current data to search?

I’d really like to see the ACPI site map the various registries to all of their specs, not have a few separate lists of company registeries, and a separate list of specs, not tied to companies.

 

MBR2GPT

~ hucktech ~ Leave a comment

“MBR2GPT.EXE converts a disk from Master Boot Record (MBR) to GUID Partition Table (GPT) partition style without modifying or deleting data on the disk. The tool is designed to be run from a Windows Preinstallation Environment (Windows PE) command prompt, but can also be run from the full Windows 10 operating system (OS).[…]”

https://technet.microsoft.com/itpro/windows/deploy/mbr-to-gpt

https://blogs.technet.microsoft.com/windowsitpro/2017/04/05/whats-new-for-it-pros-in-the-windows-10-creators-update/

https://redmondmag.com/articles/2017/04/07/windows-10-creators-update-tools-and-documentation-released.aspx

 

Intel updates Minnowboard firmware, and Firmware Engine for Windows

~ hucktech ~ Leave a comment

Intel has updated their UEFI firmware for the Minnowboard, and has updated Intel Firmware Engine for Windows.

 

 

Hyper-V UEFI bootloader complexities

~ hucktech ~ Leave a comment

[…]Forcing GRUB installation to EFI removable media path does basically the same thing as when Ubuntu installer asks you if you want to force UEFI installation: it installs to the removable media path in the ESP (EFI System Partition). This is fine for environment where no other operating system is present. However if there is another operating system present on the device which depends on this fallback location “removable media path” it will make this system temporary unbootable (you can manually configure GRUB later to boot it if necessary though). Windows installer for example *also* installs to the removable media path in the ESP. All OS installers installing things to this removable media path will conflict with any other such installers and that’s why in Debian (and Ubuntu) installers don’t do this by default. You explicitly have to select UEFI mode during the normal installation (what I did).[…]

https://blog.jhnr.ch/2017/02/23/resolving-no-x64-based-uefi-boot-loader-was-found-when-starting-ubuntu-virtual-machine/

Microsoft seeks Senior UEFI Engineer

~ hucktech ~ Leave a comment

The Surface Team focuses on building devices that fully express the Windows vision. Be part of the team that brings to life experiences in Microsoft Windows and Office through the hardware of its Microsoft Surface product line.   Our team develops the UEFI and firmware that connects the operating system to the hardware. Candidate will be a member of the Surface SW/FW team and be responsible for developing, adapting and fixing code related to UEFI. As a member of the team, candidate will actively participate on development practices such as task planning/sizing and scheduling, bug triage and bug management.   Candidate will actively participate in SCRUM meetings, documenting progress and updating tasks. Candidates are expected to collaborate and familiarize with other functions within the team in order to develop BIOS code that adapts the HW to platform requirements. […]

https://careers.microsoft.com/jobdetails.aspx?jid=275588&job_id=1016471

 

UEFI VBS required by Microsoft

~ hucktech ~ Leave a comment

https://twitter.com/aionescu/status/835553407398100992

 

“VBS will enable No-Execute (NX) protection on UEFI runtime service code and data memory regions. UEFI runtime service code must support read-only page protections, and UEFI runtime service data must not be executable.”

I’m glad Alex is reading these Microsoft updates better than I am. 🙂 Glad to know that VBS is not VBScript.

Microsoft updates OEM Device/Credential Guard requirements

Microsoft updates Device Guard OEM guidance

Microsoft Updates OEM Device/Credential Guard requirements

Microsoft updates Secure Boot and ACPI requirements

~ hucktech ~ Leave a comment

These Microsoft pages have recently (last month) been updated. No changelog, so unclear what has changed. 😦

 

https://msdn.microsoft.com/en-us/windows/hardware/drivers/bringup/secure-boot-and-device-encryption-overview

https://msdn.microsoft.com/en-us/windows/hardware/commercialize/design/device-experiences/acpi-firmware-implementation-requirements

https://msdn.microsoft.com/en-us/windows/hardware/drivers/bringup/firmware-requirements-for-d3cold

 

OSR on debugging bad Windows drivers

~ hucktech ~ Leave a comment

OSR has a nice blog post that shows how to debug bad drivers. OSR is a smart group of Windows-centric driver consultants, check out their NT Insider newsletter if you’re into NT. And their NTdev mailing list.

[…]The bugcheck makes much more sense now. Someone’s stack expansion callback was called at DISPATCH_LEVEL (Arg2 == 2) and returned at PASSIVE_LEVEL (Arg1 == 0). That’s against the rules, thus you get a system crash. Personally I would call this a bug in KeExpandKernelStackAndCalloutEx seeing as how it is generating an IRQL_UNEXPECTED_VALUE using invalid (unexpected?) arguments. At a minimum the documentation is currently wrong though and I have filed a bug to try to get that addressed.

Unexpected Case of Bugcheck IRQL_UNEXPECTED_VALUE (C8)

http://www.osronline.com/showthread.cfm?link=281770

https://www.osr.com/developers-blog/

http://www.osronline.com/showlists.cfm?list=ntdev

http://www.osronline.com/index.cfm

Hmm, it looks like OSRonline.com is becoming ‘legacy’. If there’s not a future home for some of the tools listed there, you might want to grab a set of tools while you still can. The tools are somewhat like SysInternals-style of tools.