Part III: Securing Windows Vista
applications. As standard user accounts can now perform most common configuration
tasks, Windows Vista does not require the use of the Power Users group.
Further, while Windows Vista maintains the Power Users group for legacy application
compatibility, applications written for Windows Vista do not require the use of the
Power User mode. Legacy applications that require administrative privileges use file and
registry virtualization; compliant applications use standard user mode and administrator
mode, as discussed previously. For more information about legacy application
compatibility, refer to the Microsoft Windows Vista Administrator’s Pocket Consultant
(Microsoft Press, 2006).
William Stanek
Author, MVP, and series editor for the Microsoft Press Administrator’s Pocket Consultants
Understanding File System and Registry Virtualization
Windows Vista uses application security tokens to determine whether elevated privileges are
required to run applications or processes. An application written for Windows Vista has
either an “administrator” token or a “standard” token. An application with an “administrator”
token requires elevated privileges; an application with a “standard” token does not.
The token reflects the level of privileges the application requires. A standard user mode–compliant
application should write data files only to nonsystem locations. If the application requires
administrator privileges to perform a specific task, the application should request elevated
privileges to perform that task. For all other tasks, the application should not run using
elevated privileges.
Applications not written for the Windows Vista new user account architecture are considered
legacy applications. Windows Vista starts these applications as standard user applications by
default and uses file and registry virtualization to give legacy applications their own
“virtualized” views of the resources they are attempting to change. When a legacy application
attempts to write to a system location, Windows Vista gives the application its own private copy
of the file or registry value so that the application will function properly. By default,
Windows Vista also logs all attempts to write to protected areas.
Note
Virtualization is not meant to be a long-term solution. As applications are revised to support
Windows Vista’s new user account architecture, the revised versions should be deployed to
ensure compliance with User Account Control and to safeguard the security of the computer.
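The private copies described above can be inventoried to find which legacy applications still depend on virtualization and should be replaced first. The following PowerShell is an added example, not code from the book; the function names are hypothetical, and it assumes PowerShell 3.0 or later and the default per-user store locations (`%LOCALAPPDATA%\VirtualStore` for files, `HKCU\Software\Classes\VirtualStore\MACHINE` for registry data), which the text does not name.

```powershell
# Added example: per-user inventory of data redirected by UAC virtualization.
# Assumes the default store locations; function names are hypothetical.

function Get-VirtualizedFile {
    param([string]$StoreRoot = (Join-Path $env:LOCALAPPDATA 'VirtualStore'))

    if (-not (Test-Path -LiteralPath $StoreRoot)) { return }   # nothing redirected
    $root = (Get-Item -LiteralPath $StoreRoot -Force).FullName.TrimEnd('\')

    Get-ChildItem -LiteralPath $root -Recurse -Force -File | ForEach-Object {
        # The store mirrors the system drive, so the path relative to the
        # store names the protected location the application tried to write.
        $relative = $_.FullName.Substring($root.Length).TrimStart('\')
        $folder   = [System.IO.Path]::GetDirectoryName($relative)
        [pscustomobject]@{
            # First two folder levels, e.g. "Program Files\<application>"
            Application   = ($folder.Split('\') | Select-Object -First 2) -join '\'
            ProtectedPath = Join-Path "$env:SystemDrive\" $relative
            PrivateCopy   = $_.FullName
            LastWrite     = $_.LastWriteTime
        }
    }
}

function Get-VirtualizedRegistryKey {
    param([string]$StoreRoot = 'HKCU:\Software\Classes\VirtualStore\MACHINE')

    if (-not (Test-Path -LiteralPath $StoreRoot)) { return }   # nothing redirected

    Get-ChildItem -LiteralPath $StoreRoot -Recurse -ErrorAction SilentlyContinue |
        Where-Object { $_.ValueCount -gt 0 } |
        ForEach-Object {
            [pscustomobject]@{
                # Map the private key back to the machine-wide key it shadows
                ProtectedKey = $_.Name -replace '^.*?\\VirtualStore\\MACHINE', 'HKEY_LOCAL_MACHINE'
                PrivateKey   = $_.Name
                ValueNames   = $_.GetValueNames() -join ', '
            }
        }
}

# Applications ranked by how many files they have had redirected
Get-VirtualizedFile | Group-Object Application |
    Sort-Object Count -Descending | Select-Object Count, Name

# Registry keys holding redirected values
Get-VirtualizedRegistryKey | Sort-Object ProtectedKey
```

Both functions report only the account that runs them, because each user has a separate store; run them in each affected user's context to build a full picture.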