News

Microsoft Aims To Boost Security With New APIs for Developers

New APIs that will make security settings easier for developers, particularly for those writing code to run on Windows Server 2008, Vista and XP SP3.

In a blog post today, Microsoft announced new APIs that will make security settings easier for developers, particularly for those writing solutions that will run on Windows Server 2008, Windows Vista and Windows XP SP3.

The APIs support Microsoft's Data Execution Prevention approach to application security.

"We want more people to opt-in to using Data Execution Prevention (aka DEP aka NX)," the blog post from Michael Howard reads. "We've added some new APIs that allow a developer to set DEP on their process at runtime rather than using linker options. The new APIs also give developers some more flexibility if your application uses an older version of the Abstract Type Library (ATL.)"

Microsoft's DEP technologies help prevent malicious code downloads from data pages by performing "additional checks on memory," according to the company.

The new APIs are SetProcessDEPPolicy, GetSystemDEPPolicy, GetProcessDEPPolicy. More details on how to implement them, as well as possible downsides and conflicts, are described in Howard's blog post here.

About the Author

Becky Nagel is the executive editor of the 1105 Redmond Media Group's Web sites, including Redmondmag.com, RCPmag.com, RedDevNews.com and VisualStudioMagazine.com, among others.

comments powered by Disqus

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.