Do not use high level languages, libraries, frameworks, virtual machines or runtimes in core operating system processes

INTRODUCTION

We recommend that you only use C languages and Win32 APIs for any add-in components that are loaded by core operating system processes. Two examples of core operating system processes are Winlogon.exe and Lsass.exe.


The behavior of any high-level language, framework, or runtime in the components that are loaded by core operating system processes is undefined. For example, the Microsoft .NET Framework and the common language runtime were not designed to run in the context of core operating system processes. The following is a partial list of high-level languages, frameworks, and runtimes where the behavior is undefined in the context of core operating system processes:

  • .NET Framework languages
    • C#
    • Visual Basic .NET
    • Managed Extensions for C++
  • common language runtime
  • Java
  • Microsoft Component Object Model (COM)
  • Microsoft COM+
  • Microsoft Distributed Component Object Model (DCOM)
  • Microsoft Foundation Classes (MFC)
  • Microsoft ActiveX Template Library (ATL) framework

More Information

You can plug in the following components to the Winlogon system process:
  • Graphical Identification and Authentication (Gina) DLL
  • Winlogon notification packages
You can plug in the following components to the Local Security Authority Service (LSASS) system process:
  • Password filters
  • Security Support Providers (SSPs)
  • Custom authentication packages
  • Custom subauthentication packages
  • Local Security Authority (LSA) mode Cryptographic Service Providers (CSPs), such as the Secure Channel (SChannel) CSP.
プロパティ

文書番号:841927 - 最終更新日: 2009/09/29 - リビジョン: 1

フィードバック