Microsoft KB Archive/841927

= Do not use high level languages, libraries, frameworks, virtual machines or runtimes in core operating system processes =

Article ID: 841927

Article Last Modified on 12/3/2007

-

APPLIES TO


 * Microsoft Visual C++ 2005 Express Edition
 * Microsoft Visual C++ .NET 2003 Standard Edition
 * Microsoft Visual C++ .NET 2002 Standard Edition
 * Microsoft Visual C# 2005 Express Edition
 * Microsoft Visual C# .NET 2003 Standard Edition
 * Microsoft Visual C# .NET 2002 Standard Edition
 * Microsoft Visual Basic 2005
 * Microsoft Visual Basic .NET 2003 Standard Edition
 * Microsoft Visual Basic .NET 2002 Standard Edition
 * Microsoft Visual J# .NET 2003 Standard Edition
 * Microsoft JScript .NET
 * Microsoft COM+ 2.0 Standard Edition
 * Microsoft Common Language Runtime (included with the .NET Framework) 1.0
 * Microsoft .NET Framework 2.0
 * Microsoft .NET Framework 1.1
 * Microsoft .NET Framework 1.0
 * Microsoft .NET Framework Class Libraries 1.1
 * Microsoft .NET Framework Class Libraries 1.0

-





INTRODUCTION
We recommend that you only use C languages and Win32 APIs for any add-in components that are loaded by core operating system processes. Two examples of core operating system processes are Winlogon.exe and Lsass.exe.

The behavior of any high-level language, framework, or runtime in the components that are loaded by core operating system processes is undefined. For example, the Microsoft .NET Framework and the common language runtime were not designed to run in the context of core operating system processes. The following is a partial list of high-level languages, frameworks, and runtimes where the behavior is undefined in the context of core operating system processes:
 * .NET Framework languages
 * C#
 * Visual Basic .NET
 * Managed Extensions for C++
 * common language runtime
 * Java
 * Microsoft Component Object Model (COM)
 * Microsoft COM+
 * Microsoft Distributed Component Object Model (DCOM)
 * Microsoft Foundation Classes (MFC)
 * Microsoft ActiveX Template Library (ATL) framework



MORE INFORMATION
You can plug in the following components to the Winlogon system process:
 * Graphical Identification and Authentication (Gina) DLL
 * Winlogon notification packages

You can plug in the following components to the Local Security Authority Service (LSASS) system process:
 * Password filters
 * Security Support Providers (SSPs)
 * Custom authentication packages
 * Custom subauthentication packages
 * Local Security Authority (LSA) mode Cryptographic Service Providers (CSPs), such as the Secure Channel (SChannel) CSP.

Keywords: kbinfo KB841927

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.