One of the applications of reverse engineering in computer security is the analysis of operating systems and software for which no source code is available. Most commonly the target is Microsoft Windows, and the goal is to find new 0-day vulnerabilities or to understand the full impact of old bugs. Reverse engineering Microsoft software presents numerous challenges. Based on his experience with reversing all Microsoft patches from the last 6 months, the speaker will present a number of techniques for improving the accuracy of the disassembly output and automating the reverse engineering process. He will begin with an overview of the differences between analyzing Microsoft binaries and other forms of reverse engineering, such as disassembling malware. He will cover common MSVC compiler optimizations, function chunking, C++ vtables, COM objects, exception handling and more. In the second part of the presentation he will focus on the problems with loading symbols and improving the results of the IDA Pro autoanalysis. Finally, he will release the source code of an IDA plugin that improves symbol loading and fixes common disassembly problems. Most of the information presented is applicable to non-Microsoft applications as well, but the examples he provides focus on my experience with reversing Microsoft patches.