Windows Vista Platform for the next generation of software

What is Windows Vista? Next Generation of Windows OS ConnectedConnect with people, information and devices: anytime, anywhere ConfidentYour PC just works: safe, reliable, and low-cost to manage ClearOrganize information effectively, and focus on business

Windows Vista Is there anything left really? Stacks Network Access Protection Network Location Awareness High Resolution/High DPI Windows Sideshow Windows Vista Display Driver Model People Near Me Windows Defender Power Management Live Icons Windows SideBar Parental controls Windows Feedback Services Desktop Window Manager Registry/File System Virtualization Protected Mode IE Windows Service Hardening Sync Center Aero Presentation Settings Preview Pane User Account Control Ad-hoc Meeting Networks Quick Search Windows Imaging Format Windows Resource Protection MMC 3.0 Cancelable I/O Resource Exhaustion Diagnostics Peer Name Resolution Protocol Reading Pane Windows Disk Diagnostics Restart Manager Transactional Registry Single binary Memory Diagnostics Startup Repair Toolkit Transactional File System Eventing and Instrumentation WS-Management InfoCard SuperFetch Segoe UI Font Flip3D New Explorers Taskbar Thumbnails IPv6 XAML Search Folders Ink Analysis Split Tokens Mandatory Integrity Control UI Privilege Isolation Secure Startup Windows Filtering Platform User Mode Driver Framework New Open/Save Dialogs Shell Property System Winlogon Rearchitecture Windows Communication Foundation Windows Presentation Foundation Glass Open Package Specification XML Paper Specification Windows Workflow Foundation Windows Installer 4.0 Monad RSS Platform Function Discovery API Wizard Framework Crypto Next Generation Credential Providers Confident | Clear | Connected

VHS VCR PVR (Windows MCE) MSN MailOutlook Web Access (OWA) Office: Outlook What is (UX)?

Protected Mode in IE7 User Account Protection Full Volume Encryption Component Based Setup and Deployment Windows Imaging Format (WIM) Customer Feedback Apps and Files load faster Fast Startup Sleep state Hardware Monitoring Goal is 50% fewer Reboots Service Restarts Delivering on Fundamentals

AERO is the User Interface for Windows Vista applications Authentic Energetic Reflective Open & Approachable

The Windows Vista User Interface

The Windows Vista User Interface Developer Opportunities Windows Vista User Interface Guidelines High-resolution icons Common controls (comctl32.dll v6) CommandLinks Button-styled control for “important tasks” TaskDialog Error messages and prompts New Wizard Framework Use Vista themes in Wizards and dialogs

New controls and design

Visualize, Organize & Search Developer Opportunities Enable a simpler data management experience in your application OLE DB Provider for Windows Search Read & write properties (Property Provider API) New Common File Dialogs for opening/saving files Make your custom file formats part of the experience Metadata support (read/write & indexing): Property Handlers Full-text indexing : IFilter Live Icons: Thumbnail Providers: Rich preview in Reading Pane: Preview Handlers

Resources Windows Vista User Interface Guidelines: msdn.microsoft.com/windowsvista/experience msdn.microsoft.com/windowsvista/experience MSDN dev center: msdn.microsoft.com/ui/ msdn.microsoft.com/ui/ Windows Vista Development Forums: forums.microsoft.com/msdn/ forums.microsoft.com/msdn/

By default, all interactive processes run as standard user User consent is required to run a process with elevated privileges  Security shield identifies operations that require privilege elevation User Account Control

How will this affect my apps? Registry and File System Virtualization redirects some write operations to per-user virtual stores %userprofile%\AppData\Local\VirtualStoreHKEY_CURRENT_USER\Software\Classes\VirtualStore Virtualization is a Windows Vista compatibly feature for existing applications. New and updated applications should not rely on Virtualization. Windows Vista applications should provide a manifest and specify the appropriate requestedExecutionLevel element. (Note: this is a logo requirement)

Why not just turn off the UAC? Why not just run Windows 98? Educate yourself and your company! We will continue to make this ”sexier” Protect your users and customers!

User Account Control and virtualization

 Determine if your app runs as a standard user  Identify operations that require privilege elevation  Address identified operations, where possible  Mark your application as UAC-aware  Address necessary operations that require privilege elevation Steps for Ensuring UAC Compatibility

Identifying Privileged Operations Use the Standard User Analyzer tool Identifies operations that will require privilege elevation Can be run on Windows XP Will soon be released to the Microsoft.com download center Configure machine-wide settings during installation, rather than on first-run Change machine-wide setting to per-user, where appropriate

Using the Standard User Analyzer Tool

Marking Your App as UAC-Aware Provide a manifest (XML file) A manifest is an XML file, named.exe.manifest Set the requestedExecutionLevel element (typically set to “asInvoker”) This turns off Virtualization for your app Manifests can be external or embedded External manifests are located in the same folder as the executable Embedded manifests are included as a native Win32 resource

Creating a Manifest Add an XML file item to the project Rename it.exe.manifest <assemblyIdentity version=" " processorArchitecture="X86" name="AppName" type="win32" /> App Description requestedExecutionLevel requireAdministrator highestAvailable asInvoker

Embedding a Manifest in an Assembly Add a resource file to the project (Text File item) and rename it.rc Add pre-build event to compile resource “ \rc.exe ” $(ProjectDir)$(ProjectName).rc Add Win32 resources to assembly #define RT_MANIFEST 24 #define APP_MANIFEST 1 APP_MANIFEST RT_MANIFEST.exe.manifest appName.res

Current Issues with Visual Studio 2005 Schema/Intellisense error when editing project file Symptoms: Erroneous schema error displayed for element Incorrect suggestion from Intellisense to use Incorrect suggestion from Intellisense to use Workaround: you can safely ignore these errors The Visual Studio debugger does not elevate processes Symptoms You hit F5 to debug an.exe that requires elevation and you don’t get an elevation prompt The process was not elevated, so calls to privileged operations will fail Workarounds Launch the solution as elevated (right click and select Run as administrator) Use a remote debugger

Addressing Privileged Operations – Consider other requestedExecutionLevel values  requireAdministrator or highestAvailable – Some applications may require elevated privileges for only a subset of their features – Privilege elevation cannot occur in-process, you must launch a separate process  Requires re-factoring into separate partitions  UI elements that invoke privileged operations should be decorated with the security shield icon (logo requirement)  Privileged partitions must be launched with either ShellExecute or the COM elevation moniker

Example Note that the CreateProcess API does not elevate Process proc = new Process(); proc.StartInfo = new ProcessStartInfo(); proc.StartInfo.CreateNoWindow = true; proc.StartInfo.UseShellExecute = true; proc.StartInfo.FileName = "PrivilegedExe.exe"; proc.EnableRaisingEvents = true; proc.Exited += new EventHandler(OnExeExited); proc.Start(); Launching with ShellExecute

Making an App UAC-Aware

Down-level Considerations User Account Control is not supported on previous version of Windows What happens if you run a UAC-Compatible app on Windows XP? requestedExecutionLevel element is ignored on previous versions of Windows All processes run with the user’s highest privileges For standard users, calls to privileged operations will fail Strategies for ensuring partitioned applications continue to work correctly on XP For apps that require elevation, test for required privileges during process start-up (e.g. IsUserAdmin) and exit gracefully if not found

Resources Best Practices and Guidelines for Applications in a Least Privileged Environment us/dnlong/html/AccProtVista.asp?frame=true us/dnlong/html/AccProtVista.asp?frame=true us/dnlong/html/AccProtVista.asp?frame=true Standard User Analyzer Tool COM Elevation Moniker Documentation us/com/html/1595ebb8-65af-4609-b3e7- a21209e64391.asp us/com/html/1595ebb8-65af-4609-b3e7- a21209e64391.asp UAC Team Blog

How do I ensure that my application will work under User Account Control? If your app runs correctly as a Standard User: If your app targets administrators If your app doesn’t run as a Standard User: If only certain operations require elevated privileges: No action needed Remove any operations that require elevated privileges Set machine-wide settings during installation Include manifest with new attributes to “request approval” Factor into separate processes Identify administrative operations with a “shield” icon Developer Best Practices and Guidelines for Applications in a Least Privileged Environment