So I was reading Windows Internals 6th ed. Pt II the other day, specifically the chapter about crash dumps, when I noticed something odd. It was in the output of the .dumpdebug command in the kernel debugger. Just to make sure it wasn't just a typo in the book, I have reproduced the oddity here:
I have simply launched WinDbg, loaded up a crash dump file, and issued the command .dumpdebug. In the header, you see the MajorVersion is 0f. The MinorVersion is 1db1. The MinorVersion I understand. 1db1 is hexadecimal and in decimal it translates to 7601. Most administrators will immediately recognize the number 7601 as belonging to Windows 7 or 2008 R2 with Service Pack 1.
But what is the MajorVersion? 0F in hexadecimal translates to 15 in decimal. But what does 15 mean? This version of Windows is 6. The full version string displayed when I open up a Command Prompt on this machine, for instance, is 6.1.7601. Major version = 6, minor version = 1, build number = 7601. Right?
So why does the kernel debugger show the MajorVersion of Windows to be 15? I wonder if I've found a bug...