SKETCH OF HOW RESEARCH MIGHT CONTINUE AND RESULTS BE PRESENTED

PROCESSINFO Flags

Version 6.1 introduced to the PROCESSINFO structure what may be intended as an elaboration of the age-old W32PF_Flags. Type information in symbol files for WIN32K.SYS in Windows 7 (only) enumerates the defined flags as UINT bit fields in union with a Flags that is itself a ULONG. Inevitably, many more have been defined since. It seems unlikely that I shall ever attempt to describe the additions, let alone attempt an enumeration of which flags are defined in which versions, but you never know.

Mask Definition Versions
0x00000001 
UINT fHasMsgContext : 1;
  
  
UINT Unused : 31;
  

This page was created on 6th August 2017.

Copyright © 2017. Geoff Chappell. All rights reserved. Conditions apply.