OSMajor and OSMinor version numbers in PE file

0

recently I stumbled upon a strange phenomenon.

I am building a dumper for PE-files, reading along the section header and "optional" section header quite well. Now, when I reach the fields "OS major" and "OS minor", I notice a strange value.

[WORD] OS VERSION major        :0x00000006
[WORD] OS VERSION minor        :0x00000000

Apparently this would mean Windows Vista....

Here: https://docs.microsoft.com/de-de/windows/win32/sysinfo/operating-system-version?redirectedfrom=MSDN

I wrote a simple hello-world 32bit executable, and also tested with 7zip.exe (where it, for some reason, was 4.0 [==Win98]).

Now I am confused.... How can my freshly written PE-file (Visual Studio 2019) NOT be of OS version 10??? Did Microsoft maybe, because of lazyness, not update their Linker correctly???

On that page it says something about a manifest file, but only that it would tell you Windows 8.0 if you'd not manifest your executable (however I am supposed to do that, doesn't really matter for the question tho).

Question: Is there a way to read the correct OS-version from a binary?

windows
version
portable-executable
asked on Stack Overflow Dec 20, 2019 by clockw0rk • edited Dec 20, 2019 by clockw0rk

1 Answer

0

As it turned out, it seems like this number is more of a "Required Minimum Opreating system",

that would explain why it is windows Vista.

answered on Stack Overflow Dec 20, 2019 by clockw0rk

User contributions licensed under CC BY-SA 3.0