Mark Russinovich

Mark Eugene Russinovich (born December 22, 1966) is a Spanish-born American software engineer and author who serves as CTO of Microsoft Azure. He was a cofounder of the software producer Winternals before it was acquired by Microsoft in 2006.


Early life and education

Russinovich was born in Salamanca, Spain and was raised in Birmingham, Alabama, United States, until he was 15, when he moved with his family to Pittsburgh, Pennsylvania. His father was a radiologist and his mother was a business administrator of his father's radiology practice in Pittsburgh. Russinovich is of Croatian descent. He was introduced to computers when his friend's father got an Apple II in the 1970s. He was able to reverse engineer its ROM and write programs for it. At age 15, he bought himself his first computer, a Texas Instruments TI99/4A. About six months later his parents bought him an Apple II+ from his local high school when it upgraded the computer labs to Apple IIes. He also wrote magazine articles about Apple II.

In 1989, Russinovich earned his Bachelor of Science degree in computer engineering from Carnegie Mellon University, where he was a member of the Pi Kappa Alpha Beta Sigma chapter. The following year he received a Master of Science degree in computer engineering from Rensselaer Polytechnic Institute. He later returned to Carnegie Mellon, where he received a Ph.D. in computer engineering in 1994 with a thesis titled ''Application-transparent fault management'', under the supervision of Zary Segall.


Career

From September 1994 through February 1996 he was a research associate with the University of Oregon's computer science department. From February through September 1996 he was a developer with NuMega Technologies, where he worked on performance monitoring software for Windows NT. In 1996, he and Bryce Cogswell cofounded Winternals Software, where Russinovich served as Chief Software Architect, and the web site sysinternals.com, where Russinovich wrote and published dozens of popular Windows administration and diagnostic utilities including Autoruns, Filemon, Regmon, Process Explorer, TCPView, and RootkitRevealer among many others. From September 1996 through September 1997, he worked as a consulting associate at OSR Open Systems Resources, Inc., a company based in Amherst, New Hampshire. From September 1997 through March 2000, he was a research staff member at IBM's Thomas J. Watson Research Center, researching operating system support for Web server acceleration and serving as an operating systems expert. Russinovich joined Microsoft in 2006, when it acquired Winternals Software.

In his role as an author, he is a regular contributor to ''TechNet Magazine'' and ''Windows IT Pro'' magazine (previously called ''Windows NT Magazine'') on the subject of the Architecture of Windows 2000 and was co-author of ''Inside Windows 2000'' (third edition). Russinovich is the author of many tools used by Windows NT and Windows 2000 kernel-mode programmers, and of the NTFS file system driver for DOS.


Works

In 1996, Russinovich discovered that altering two values in the Windows Registry of the Workstation edition of Windows NT 4.0 would change the installation so it was recognized as a Windows NT Server and allow the installation of Microsoft BackOffice products which were licensed only for the Server edition. The registry key values were guarded by a worker thread to detect tampering, and later a program called NT Tune was released to kill the monitor thread and change the values.

Russinovich wrote LiveKD, a utility included with the book ''Inside Windows 2000''. As of 2022, the utility is readily available to download.

In 2005, Russinovich discovered the Sony rootkit in Sony DRM products. Its function was to prevent users from copying their media. In January 2006, Russinovich discovered a rootkit in Norton SystemWorks by Symantec. Symantec immediately removed the rootkit. He also analyzed the Windows Metafile vulnerability and concluded that it was not a deliberate backdoor. This possibility had been raised – although tentatively – by Steve Gibson after a cursory investigation of the nature of the exploit and its mechanism.

Russinovich's novels ''Zero Day'' (foreword by Howard Schmidt) and ''Trojan Horse'' (foreword by Kevin Mitnick) were published by Thomas Dunne Books on March 15, 2011 and September 4, 2012. Both are in a series of popular techno-thrillers that have attracted praise from industry insiders such as Mikko Hyppönen and Daniel Suarez. A short story, "Operation Desolation", was published just before ''Trojan Horse'' and takes place 1 year after the events of ''Zero Day''. Book 3, ''Rogue Code: A Novel'' (Jeff Aiken Series, May 2014) deals with vulnerabilities of the NYSE. It has a foreword by Haim Bodek, author of ''The Problem of HFT: Collected Writings on High Frequency Trading & Stock Market Structure Reform''.


Works

Computer books
* Russinovich, Mark; Margosis, Aaron (October 17, 2016). ''Troubleshooting with the Windows Sysinternals Tools''. Microsoft Press. ISBN 978-0-7356-8444-7.


External links

* Video interview with Mark in his office at Microsoft on TechNet Edge
* Mark's public event/session videos on Microsoft IT's Showtime! by TechNet
* Original Article on Sony's rootkit
* Inside the WMF backdoor
* Windows Sysinternals Tools written by Mark Russinovich
* Interview with Scott Hanselman about Zero Day and Trojan Horse, 26 July 2012
* Mark on Security Now, 19 Sep 2012
* Mark on Windows Weekly, 20 Sep 2012