What do you think?
Rate this book
Windows Internals
Windows Internals, Part 1: System Architecture, Processes, Threads, Memory Management, and More
The definitive guide–fully updated for Windows 10 and Windows Server 2016 Delve inside Windows architecture and internals, and see how core components work behind the scenes. Led by a team of internals experts, this classic guide has been fully updated for Windows 10 and Windows Server 2016. Whether you are a developer or an IT professional, you’ll get critical, insider perspectives on how Windows operates. And through hands-on experiments, you’ll experience its internal behavior firsthand–knowledge you can apply to improve application design, debugging, system performance, and support. This book will help · Understand the Window system architecture and its most important entities, such as processes and threads · Examine how processes manage resources and threads scheduled for execution inside processes · Observe how Windows manages virtual and physical memory · Dig into the Windows I/O system and see how device drivers work and integrate with the rest of the system · Go inside the Windows security model to see how it manages access, auditing, and authorization, and learn about the new mechanisms in Windows 10 and Server 2016
800 pages, Kindle Edition
Published May 5, 2017
213 people are currently reading
215 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 4 of 4 reviews
March 18, 2021
I’ll start with the good: if you develop resource intensive software for windows, this might be useful background for you. It’s authoritative. Each chapter provides an overview of Windows functionality (e.g., “I/O System”), relevant functions, and some tools to help you explore the OS further. Acronyms appear to be redefined in each chapter, so you won’t have to flip far ...
It’s not clear to me who else might benefit from
this book. For example, forensic analysts might be interested to learn about the MFT, VAD Trees, and shell bags. Not one of those topics appear in the index; they only get a passing mention in the context of other topics. If you’re interested in understanding the technical details of how some of the OS functions work, you might just be out of luck. You can expect a paragraph to a couple of pages describing a process — prose flecked with DLL names, but little granular detail on any topic. Finally, there’s very little detail on appropriate configuration choices, so I fail to see why this is marketed toward “IT professionals,” which I take to mean system administrators. But to be fair, the authors hint at some of these criticisms in the preface.
Breadth and depth aside, the organization is a fractal of terribleness; pick a level, the organization is awful. Volume 1 was published in 2017 and Volume 2 won’t be available until July of 2021. Nonetheless, the book has a massive number of references to Volume 2. For example, the introductory “concepts and tools” chapter takes up about the first hundred pages, but defers important detail to Volume 2 around twenty times. The rest of the chapters are no better on this score. (I have no idea how much of volume 2 of the 6th edition would be useful for filling in the missing details.)
Breaking the chapters into OS functions seems to force the authors cite detail in other chapters and volumes, rather than providing a coherent narrative. For example, why would the authors put the chapter describing the startup process in volume 2 instead of folding it into an introductory narrative at the beginning? Further, paragraphs frequently have no thesis sentence, or the topic is buried. It’s not uncommon to find enough commas and parentheticals to make for terse, disjointed reading. I suspect that the editors were some combination of too close to the subject matter, didn’t do their job, or got overruled.
It’s not clear to me who else might benefit from
this book. For example, forensic analysts might be interested to learn about the MFT, VAD Trees, and shell bags. Not one of those topics appear in the index; they only get a passing mention in the context of other topics. If you’re interested in understanding the technical details of how some of the OS functions work, you might just be out of luck. You can expect a paragraph to a couple of pages describing a process — prose flecked with DLL names, but little granular detail on any topic. Finally, there’s very little detail on appropriate configuration choices, so I fail to see why this is marketed toward “IT professionals,” which I take to mean system administrators. But to be fair, the authors hint at some of these criticisms in the preface.
Breadth and depth aside, the organization is a fractal of terribleness; pick a level, the organization is awful. Volume 1 was published in 2017 and Volume 2 won’t be available until July of 2021. Nonetheless, the book has a massive number of references to Volume 2. For example, the introductory “concepts and tools” chapter takes up about the first hundred pages, but defers important detail to Volume 2 around twenty times. The rest of the chapters are no better on this score. (I have no idea how much of volume 2 of the 6th edition would be useful for filling in the missing details.)
Breaking the chapters into OS functions seems to force the authors cite detail in other chapters and volumes, rather than providing a coherent narrative. For example, why would the authors put the chapter describing the startup process in volume 2 instead of folding it into an introductory narrative at the beginning? Further, paragraphs frequently have no thesis sentence, or the topic is buried. It’s not uncommon to find enough commas and parentheticals to make for terse, disjointed reading. I suspect that the editors were some combination of too close to the subject matter, didn’t do their job, or got overruled.
September 4, 2025
Truly one of the best resources to study about the windows internals. It's so comprehensive and full of information yet a bit vague and I found some parts a bit poorly elaborated and had to check other resources to fully understand them. I come back to it whenever I need to refresh my memory about some concept.
Overall great book and really worth checking out.
Overall great book and really worth checking out.
September 29, 2020
This book is a beast. I've been working with windows on the Server and Client platforms for many years and I was very impressed with all the data in this book. If you support windows in any form, give this book a shot.
October 17, 2020
Excellent! Looking forward to getting Part 2!!
Displaying 1 - 4 of 4 reviews