USER32 has six securable objects:
| WindowStation Object | This object represents a screen/keyboard/mouse combination. This object serves to house or “contain” the other objects related to an individual user station. This object provides the front line of security for a user station and serves as a source for inheritable security for other objects. |
| Desktop Object | This object represents the new construct called a “desktop.” This object resides within a WindowStation object, from which it inherits security. This object is also a container, containing Window and Menu objects. |
| Window Object | This object represents what is commonly known as a window. This object type resides within a Desktop object, from which it inherits security. |
| Menu Object | This object represents what is commonly known as a menu. This type resides within a Desktop object, from which it inherits security. |
| DDE Access Object | This object is used to control access to a DDE server. This type resides within a WindowStation object, but does not inherit security from its parent WindowStation. |
| DDE Conversation Object | This object represents a conversation connection between a DDE client and DDE server. This type resides within a DDE Access object, from which it inherits security. |
Each object contains a common object header that specifies the object type, security descriptor and other security related information. This allows the same code to work for all current and future object types.
GDI32 has no shared objects, and therefore no security descriptors on any functions. KERNEL32 has security on files, processes, threads, and synchronization objects.