Mark Russinovich
Mark E. Russinovich is a Technical Fellow in the Platform and Services Division at Microsoft. He was a cofounder of software producer Winternals before it was acquired by Microsoft in 2006.
Early life and education
He was born in Salamanca, Spain and was raised in Birmingham, Alabama, until he was 15, when he moved with his family to Pittsburgh, Pennsylvania. His father was a radiologist and his mother was a business administrator of his father's radiology practice in Pittsburgh.
When Russinovich began taking an interest in programming at age 15, he bought himself his first computer, a TI-99/4A. About six months later his parents bought him an Apple II+ from his local high school when it upgraded the computer labs to Apple IIes.
In 1989, Russinovich earned his B.S. in computer engineering from Carnegie Mellon University. The following year he received an M.S. in computer engineering from Rensselaer Polytechnic Institute. He later returned to Carnegie Mellon, where he received a Ph.D. in computer engineering in 1994.
Career
From September 1994 through February 1996 he was a research associate with the University of Oregon's computer science department. From February through September 1996 he was a developer with NuMega Technologies, where he worked on performance monitoring software for Windows NT.
In 1996, he and Bryce Cogswell cofounded Winternals Software, where Russinovich served as Chief Software Architect, and the web site Sysinternals, where Russinovich wrote and published dozens of popular Windows administration and diagnostic utilities including Autoruns, Filemon, Regmon, Process Explorer, TCPView, and RootkitRevealer among many others.
From September 1996 through September 1997 he worked as a consulting associate at OSR Open Systems Resources, Inc., a company based in Amherst, New Hampshire. From September 1997 through March 2000, he was a research staff member at IBM's Thomas J. Watson Research Center, researching operating system support for Web server acceleration and serving as an operating systems expert.
Russinovich joined Microsoft in 2006, when it acquired Winternals Software.
In his role as an author, he is a regular contributor to TechNet Magazine and Windows IT Pro magazine (previously called Windows NT Magazine) on the subject of the architecture of Windows 2000 and was co-author of Inside Windows 2000 (3rd edition). Russinovich is the author of many tools used by Windows NT and Windows 2000 kernel-mode programmers, and of the NTFS file system driver for DOS. He is widely regarded as a Windows expert.
Other work
In 1996, Russinovich discovered that the alteration of two registry values in the Windows Registry of the Workstation edition of Windows NT 4 would allow the installation of Microsoft BackOffice products which were licensed only for the Server edition.
In 2005, Russinovich discovered the Sony rootkit in Sony DRM products. Its function was to prevent users from copying their media.
In 2006, Russinovich discovered a rootkit in a product of security software company Symantec. Symantec directly removed the rootkit.
In January 2006, Russinovich again came to public attention when he analyzed the Windows Metafile vulnerability in Windows and concluded that it was not a deliberate backdoor. This possibility had been raised — albeit tentatively — by Steve Gibson after a cursory investigation of the nature of the exploit and its mechanism.
Russinovich's first novel Zero Day was published by Thomas Dunne Books on March 15, 2011.
External links
- Technical Leader Mark Russinovich
- Mark's TechNet blog
- Video interview with Mark in his office at Microsoft on TechNet Edge
- Mark's public event/session videos on Microsoft IT's Showtime! by TechNet
- Appearance on The Stack Exchange Podcast, Nov 11, 2011
- Original Article on Sony's rootkit
- Inside the WMF backdoor
- Windows Sysinternals Tools written by Mark Russinovich
- Official List of Microsoft Technical Fellows