Microsoft has announced that the next Windows version will include DTrace support.

DTrace was originally built for Solaris as an open source debugging and diagnostic tracing tool.

In this post, we will show some detailed information about Windows DTrace.

Windows DTrace

The port was announced at the Ignite conference last year.

However, the instructions, binaries and source code are now available.

The merge will happen in the next few years.

At the same time, Microsoft is making its DTrace source available.

DTrace for Windows allows developers and administrators to get a detailed look at what their system is doing.

In addition, the Windows DTrace command uses the DTrace scripting language.

Thus, users can use this language to specify which information is probed and how that information is reported.

After its first release on Solaris, DTrace was expanded to other Unix-like operating systems.

Today, it can be used on Linux, FreeBSD, NetBSD, and macOS.

The original Solaris code was released under Sun's Common Development and Distribution License (CDDL).

And the latter driver will be available when the next Windows version is released.

The CDDL-licensed part needs to be downloaded separately.

However, Windows DTrace currently requires Windows to be booted with a kernel debugger attached.

Windows DTrace works by inserting code into the system functions being analyzed.

Meanwhile, Windows DTrace is not the only software that requires modifying kernel memory.

Rootkits also need to modify the kernel of the operating system.

For example, a rootkit can modify the process enumeration functions so that they will not show the running rootkit.

Therefore, Microsoft has released Windows Kernel Patch Protection, which is also called KPP.

Windows DTrace violates the protection measure enforced by PatchGuard.

And Windows DTrace is run as an administrator.

DTrace for Windows is a port of the open source debugging and diagnostic tracing tool originally built for Solaris.