Hello, I just have heard about MS project called Drawbridge. [*] They use NT kernel (ntoskrnl + win32k) implementation in user-mode (NTUM) to load native DLLs and services from different versions of Windows, IIUC. Set of downcalls from NTUM (to native kernel) is reduced to 45 items. This way a process-based isolation is achieved. Some sort of sandbox/container. It sounds like Wine on Windows. Just FYI. S. [*] http://research.microsoft.com/en-us/projects/drawbridge/