System File Protection
   HOME

TheInfoList



Click Here for Items Related To - System File Protection
OR:
System File Protection on:   [Wikipedia]   [Google]   [Amazon]

Windows File Protection (WFP), a sub-system included in
Microsoft Windows Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. For example, Windows NT for consumers, Windows Server for serv ...
operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs. Time-sharing operating systems schedule tasks for efficient use of the system and may also in ...
s of the
Windows 2000 Windows 2000 is a major release of the Windows NT operating system developed by Microsoft and oriented towards businesses. It was the direct successor to Windows NT 4.0, and was Software release life cycle#Release to manufacturing (RTM), releas ...
and
Windows XP Windows XP is a major release of Microsoft's Windows NT operating system. It was released to manufacturing on August 24, 2001, and later to retail on October 25, 2001. It is a direct upgrade to its predecessors, Windows 2000 for high-end and ...
era, aims to prevent programs from replacing critical Windows
system file A system file in computers is a critical computer file without which a computer system may not operate correctly. These files may come as part of the operating system, a third-party device driver or other sources. Microsoft Windows and MS-DOS mark ...
s. Protecting core system files mitigates problems such as
DLL hell In computing, DLL Hell is a term for the complications that arise when one works with dynamic-link libraries (DLLs) used with Microsoft Windows operating systems, particularly legacy 16-bit editions, which all run in a single memory space. DLL Hel ...
with programs and the operating system. Windows 2000,
Windows XP Windows XP is a major release of Microsoft's Windows NT operating system. It was released to manufacturing on August 24, 2001, and later to retail on October 25, 2001. It is a direct upgrade to its predecessors, Windows 2000 for high-end and ...
and
Windows Server 2003 Windows Server 2003 is the sixth version of Windows Server operating system produced by Microsoft. It is part of the Windows NT family of operating systems and was released to manufacturing on March 28, 2003 and generally available on April 24, 2 ...
include WFP under the name of ''Windows File Protection'';
Windows Me Windows Millennium Edition, or Windows Me (marketed with the pronunciation of the pronoun "me"), is an operating system developed by Microsoft as part of its Windows 9x family of Microsoft Windows operating systems. It is the successor to Windo ...
includes it as System File Protection (SFP).


Operation

With Windows File Protection active, replacing or deleting a system file that has no
file lock File locking is a mechanism that restricts access to a computer file, or to a region of a file, by allowing only one user or process to modify or delete it at a specific time and to prevent reading of the file while it's being modified or deleted ...
to prevent it getting overwritten causes Windows immediately and silently to restore the original copy of the file. The original version of the file is restored from a cached folder which contains backup copies of these files. The
Windows NT Windows NT is a proprietary graphical operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs. Time-sharing operating systems sc ...
family uses the cached folder .
Windows Me Windows Millennium Edition, or Windows Me (marketed with the pronunciation of the pronoun "me"), is an operating system developed by Microsoft as part of its Windows 9x family of Microsoft Windows operating systems. It is the successor to Windo ...
caches its entire set of compressed cabinet setup files and stores them in the folder. WFP covers all files which the operating system installs (such as , , , etc.), protecting them from deletion or from replacement by older versions. The
digital signature A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. A valid digital signature, where the prerequisites are satisfied, gives a recipient very high confidence that the message was created b ...
s of these files are checked using
code signing Code signing is the process of digitally signing executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed. The process employs the use of a cryptographic hash to v ...
and the signature catalog files stored in the folder. Only certain operating system components such as the ''Package Installer'' (Update.exe) or
Windows Installer Windows Installer (msiexec.exe, previously known as Microsoft Installer, codename Darwin) is a software component and application programming interface (API) of Microsoft Windows used for the installation, maintenance, and removal of software. ...
(Msiexec.exe) can replace these files. Changes made using any other methods in order to replace these files are reverted and the files are silently restored from the cache. If Windows File Protection cannot automatically find the file in the cached folder, it searches the network path or prompts the user for the Windows installation disc to restore the appropriate version of the file. WFP integrates with the System File Checker () utility.
Windows Vista Windows Vista is a major release of the Windows NT operating system developed by Microsoft. It was the direct successor to Windows XP, which was released five years before, at the time being the longest time span between successive releases of ...
and later Windows systems do not include Windows File Protection, but they include
Windows Resource Protection Windows Resource Protection is a feature first introduced in Windows Vista and Windows Server 2008. It is available in all subsequent Windows operating systems, and replaces Windows File Protection. Windows Resource Protection prevents the repla ...
which protects files using ACLs. Windows Resource Protection aims to protect core
registry Registry may refer to: Computing * Container registry, an operating-system-level virtualization registry * Domain name registry, a database of top-level internet domain names * Local Internet registry * Metadata registry, information system for re ...
keys and values and prevent potentially damaging system configuration changes, besides operating system files. The non-use of ACLs in Windows File Protection was a design choice: Not only did it allow operation on non-NTFS systems, but it prevented those same "bad" installers from failing completely from a file access error.


External links


Overview of Windows File Protection

Registry settings for Windows File Protection

Whitepaper on Windows File Protection

Overview of System File Protection (Windows Me)

Hacking Windows File Protection

Effective Files Protection Tool
{{Windows Components Discontinued Windows components