Microsoft Silently Introduces Micro Dumps

My April fool’s joke about the 5th dump type¬†partially came true. I’ve just noticed the new tab “Silent Process Exit”¬†in gflags.exe on my W2K8 R2 server:

The registry keys corresponding to settings are:

HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \CurrentVersion \ SilentProcessExit
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ SilentProcessExit \ TestDefaultDebugger64
DumpType (DWORD) 0x88

I continue my investigation and report more later.

- Dmitry Vostokov @ DumpAnalysis.org + TraceAnalysis.org -

Leave a Reply

You must be logged in to post a comment.