Microsoft Aims To Boost Security With New APIs for Developers
APIs will make security settings easier for developers, particularly for solutions running on Windows Server 2008, Windows Vista, and Windows XP SP3
In a blog post today, Microsoft announced new APIs that will make security settings easier for developers, particularly for those writing solutions that will run on Windows Server 2008, Windows Vista and Windows XP SP3.
The APIs support Microsoft's Data Execution Prevention approach to application security.
"We want more people to opt-in to using Data Execution Prevention (aka DEP aka NX)," the blog post from Michael Howard reads. "We've added some new APIs that allow a developer to set DEP on their process at runtime rather than using linker options. The new APIs also give developers some more flexibility if your application uses an older version of the Abstract Type Library (ATL.)"
Microsoft's DEP technologies help prevent malicious code downloads from data pages by performing "additional checks on memory," according to the company.
The new APIs are SetProcessDEPPolicy, GetSystemDEPPolicy, GetProcessDEPPolicy. More details on how to implement them, as well as possible downsides and conflicts, are described in Howard's blog post here.
Becky Nagel is the vice president of Web & Digital Strategy for 1105's Converge360 Group, where she oversees the front-end Web team and deals with all aspects of digital strategy. She also serves as executive editor of the group's media Web sites, and you'll even find her byline on PureAI.com, the group's newest site for enterprise developers working with AI. She recently gave a talk at a leading technical publishers conference about how changes in Web technology may impact publishers' bottom lines. Follow her on twitter @beckynagel.