I recently presented a class to Microsoft developers that included a section about Windows Vista's User Account Control (UAC) feature. UAC allows users, even administrators, to run as standard users most of the time, while giving them the ability to run executables with administrator rights when necessary. The following list shows the situations in which executables can trigger a request for administrator rights:

  • If the executable image includes a Vista manifest file that specifies a desire or need for administrator rights.
  • If the executable is in Vista's application compatibility database as a legacy application that Microsoft has identified as requiring administrator rights to run correctly.
  • If the user explicitly requests elevation by using the "Run as administrator" item in Windows Explorer's context menu for executables.
  • If the executable is determined to be a setup or installer program (e.g., if the word "setup" or "update" is in the image's name).

Perhaps the most common need for administrator rights comes from setup programs, which generally can't install properly without write access to HKEY_LOCAL_MACHINE\Software and HKEY_LOCAL_MACHINE\Program Files—two registry locations that only administrators can modify. As an ad hoc demonstration of this, during the presentation I copied \Windows\Notepad.exe to my account's profile directory, renaming it to Notepad-setup.exe in the process. Then I launched it, expecting to see a consent dialog box asking me to grant the renamed Notepad administrative rights. To my consternation, no such dialog appeared. In fact, nothing happened, even when I tried again.

You can follow all the steps I performed to diagnose the Notepad startup problem by visiting my blog at https://blogs.technet.com/markrussinovich/archive/2006/10.aspx. In a nutshell, the reason I hadn't been presented with a UAC consent dialog box asking me to give it permission to run with administrator rights is that heuristic setup detection applies only to files that don't have an embedded manifest that specifies a security TrustLevel. Notepad does include a manifest and therefore doesn't trigger the UAC consent dialog box. The reason Notepad didn't execute is that in Vista, executables can have external resource files, and Notepad looks for its resource files in subdirectories beneath it. Because I didn't copy the resource files, Notepad couldn't find them and silently exited.
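The precedence described above (a manifest that declares a trust level switches off name-based setup detection) can be checked against a file before it is launched. The Python below is an added example, not code from the original post or from Windows. The function names `manifest_level` and `elevation_rule` are hypothetical, the raw byte scan assumes the manifest is stored as plain text in the image, the name keywords are only the two the article mentions, and the application compatibility database and explicit "Run as administrator" cases are not modeled.

```python
import re
import xml.etree.ElementTree as ET

INSTALLER_HINTS = ("setup", "update")   # only the name keywords the article mentions
ELEVATING = {"requireAdministrator", "highestAvailable"}

def manifest_level(image: bytes):
    """Return the manifest's requestedExecutionLevel value, or None if absent."""
    # Assumption: the manifest sits in the file as plain text, so a raw byte
    # scan finds it without walking the PE resource directory.
    m = re.search(rb"<(?:\w+:)?assembly\b.*?</(?:\w+:)?assembly>", image, re.S)
    if not m:
        return None
    try:
        root = ET.fromstring(m.group(0))
    except ET.ParseError:
        return None
    for el in root.iter():
        if el.tag.rsplit("}", 1)[-1] == "requestedExecutionLevel":  # ignore namespace
            return el.get("level")
    return None

def elevation_rule(filename: str, image: bytes) -> str:
    """Name the rule that decides whether launching the file asks for elevation."""
    level = manifest_level(image)
    if level in ELEVATING:
        return "manifest:" + level
    if level is not None:
        return "manifest:" + level + " (installer detection skipped)"
    if any(hint in filename.lower() for hint in INSTALLER_HINTS):
        return "installer-heuristic"
    return "no-trigger"

# Constructed sample images: arbitrary bytes around an optional manifest.
MANIFEST = b"""<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges>
    <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
  </requestedPrivileges></security></trustInfo>
</assembly>"""
WITH_MANIFEST = b"MZ\x90\x00" + b"\xff" * 64 + MANIFEST + b"\x00" * 16
WITHOUT_MANIFEST = b"MZ\x90\x00" + b"\xff" * 64

if __name__ == "__main__":
    for name, image in [("Notepad-setup.exe", WITH_MANIFEST),
                        ("Notepad-setup.exe", WITHOUT_MANIFEST),
                        ("notepad.exe", WITHOUT_MANIFEST)]:
        print(name, "->", elevation_rule(name, image))
```

To check a real file, pass its contents as `open(path, "rb").read()`; the result names which rule applies and does not predict whether a prompt is shown to a particular user.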

This is a summary of a popular posting to Mark Russinovich’s technical blog (https://blogs.technet.com/markrussinovich/about.aspx), which covers topics such as Windows troubleshooting, technologies, and security. You can read the entire post at https://blogs.technet.com/markrussinovich/archive/2006/10.aspx.