Microsoft’s Windows OS is one of the world’s most popular operating systems for personal computers. It features a graphical user interface (GUI) with dropdown menus, graphic icons and movable “windows” that represent folders and files.
The latest version of Windows, 11, anticipates your needs and optimizes your workspace. When paired with the power of Surface devices, it allows you to transform how you interact with technology.
Windows Subsystem for Linux
The Windows Subsystem for Linux (WSL) is a feature that enables you to run a Linux environment directly on your Windows machine. WSL integrates tightly with Windows, enabling file sharing and interoperability between the two environments. For developers who require both Linux and Windows tools, this streamlines development workflows and enhances productivity.
WSL works by employing a translation layer that converts Linux system calls into Windows system calls, allowing Linux binaries to execute natively on your Windows machine. It also incorporates a lightweight Linux kernel interface responsible for managing Linux-specific functionalities, such as process management and file systems. WSL uses fewer resources than a full virtual machine and gives you access to Windows files from within your Linux environment, with Windows paths appended to the Linux path.
Kernel-Mode Drivers
The Windows operating system is split into two logical layers or “modes”: user mode, where the files and applications that you interact with reside, and kernel mode, where the core functions of the OS run. This separation helps to protect the kernel and ensures that only trusted components can access sensitive system resources, such as hardware devices.
To perform an operation, the kernel asks a driver for help by looking up its function in the System Service Descriptor Table (SSDT). The kernel then executes that function on behalf of the requester. This is a powerful capability, but also very dangerous. If a driver writes data to the wrong virtual address, it can corrupt data belonging to other drivers or even the operating system itself. This can lead to the dreaded blue screen of death, in which the entire system crashes.
Understanding the concept of kernel mode and the executive layer is a crucial skill for malware developers to acquire, as it gives them the ability to create more advanced and stealthy malicious drivers that can bypass detection. However, it is an intimidating subject for newcomers to the field and can cause a great deal of confusion, especially when reading documentation or researching topics like protection rings or system calls.
File System
The File System is the bridge between the operating system and the physical storage hardware. It allows CRUD operations (Create, Read, Update and Delete) to be performed in an organized fashion on files.
It stores associated metadata separate from the actual content of a file. This makes it fast to locate a file and retrieve its content. It also allows metadata to be accessed by applications.
Most Windows partitions are formatted with the FAT, NTFS or exFAT file systems. These systems all have different capabilities.
NTFS supports bigger files, longer file names, quota tracking, encryption and more. It is the default file system for Windows NT and later systems. Other operating systems use ext (Extended File System) or HFS+ (Apple’s Hierarchical File System), and newer macOS computers use APFS. Using the command line, it’s possible to determine which file system is used on a partition. This is important for users who dual-boot between Windows and other operating systems, as there may be partitions on a drive that Windows doesn’t understand.
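One way to make that determination from raw bytes, as an added example that is not part of the original page: the following Python code identifies a partition's file system from the on-disk signatures at the start of the partition, covering the Windows formats and the ext, HFS+ and APFS formats named above. The function names `identify_filesystem` and `make_sample` are hypothetical, and the sample headers are constructed, not taken from real disks.

```python
import struct

# Signature table: (name, byte offset from start of partition, magic bytes).
# The FAT type strings are informational only; a strict tool would also
# derive the FAT variant from the cluster count in the BIOS parameter block.
SIGNATURES = [
    ("NTFS",  3,    b"NTFS    "),   # OEM ID in the boot sector
    ("exFAT", 3,    b"EXFAT   "),   # file system name in the boot sector
    ("FAT32", 82,   b"FAT32   "),   # type string in the FAT32 layout
    ("FAT16", 54,   b"FAT16   "),   # type string in the FAT12/16 layout
    ("FAT12", 54,   b"FAT12   "),
    ("HFS+",  1024, b"H+"),         # volume header signature
    ("APFS",  32,   b"NXSB"),       # container superblock magic
]
EXT_MAGIC_OFFSET = 1024 + 56        # s_magic field inside the ext2/3/4 superblock
EXT_MAGIC = 0xEF53                  # stored little-endian on disk


def identify_filesystem(head: bytes) -> str:
    """Return a file system name for the first bytes of a partition.

    `head` should hold at least the first 2048 bytes; shorter input is
    accepted, but signatures located past its end cannot match.
    """
    for name, offset, magic in SIGNATURES:
        if head[offset:offset + len(magic)] == magic:
            return name
    if len(head) >= EXT_MAGIC_OFFSET + 2:
        (magic,) = struct.unpack_from("<H", head, EXT_MAGIC_OFFSET)
        if magic == EXT_MAGIC:
            return "ext"
    return "unknown"


def make_sample(offset: int, magic: bytes, size: int = 2048) -> bytes:
    """Build a constructed (not real) partition header holding one signature."""
    buf = bytearray(size)
    buf[offset:offset + len(magic)] = magic
    return bytes(buf)


if __name__ == "__main__":
    samples = {
        "constructed NTFS": make_sample(3, b"NTFS    "),
        "constructed ext": make_sample(EXT_MAGIC_OFFSET, struct.pack("<H", EXT_MAGIC)),
        "all zeros": bytes(2048),
    }
    for label, data in samples.items():
        print(f"{label}: {identify_filesystem(data)}")
```

On a live system the input bytes would come from a disk image or a raw volume handle, and reading a raw volume requires administrator rights.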
User Interface
The user interface (UI) enables users to navigate the operating system and execute graphical applications. It is typically designed to use keyboards and monitors, with input controls such as text fields and buttons. It also displays information such as progress bars and notifications.
Microsoft Windows is one of the world’s most popular operating systems and comes preloaded on most new personal computers. It allows users to complete many everyday tasks, including surfing the Internet, checking email, editing digital photos and playing games. It is also used in offices to access productivity tools and manage projects.
Several versions of the software have been released, and each offers unique features. For example, Windows 8 debuted a tile-based interface and the ability to synchronize application settings across multiple devices. Its successor, Windows 10, introduced a “service” model in which it continually updates itself and added Cortana, an artificial intelligence assistant similar to Apple’s Siri. Its competitors include macOS and Linux for consumer computers and Android and iPadOS for tablets.