14 DAY TRIAL // According to the claims of security developers, the administrator rights in Windows Vista are governed by the actual names that are assigned to the executable files. A C++ developer emphasized the fact that the names of the projects executed in Windows Vista are intimately connected to the names of the executables.
?If Vista sees that you have created a Microsoft Visual C++ project with install in the project name, then that .exe will automatically require Admin Rights to run. Create exactly the same project, but call it, say, Fred, and the problem disappears,? he explained to The Register. ?Vista's security isn't just concerned with what an .exe is doing to your PC, but what it's actually called.?
With Windows Vista, Microsoft has introduced the User Account Control, a feature designed to restrict privileges to those of a standard user. According to Microsoft, UAC's design purpose is to request the user's explicit consent for all installation executions that will then access protected areas of the file system and registry.
?Installation programs are applications designed to deploy software, and most write to system directories and registry keys. These protected system locations are typically writeable only by administrator users; this restriction means that standard users do not have sufficient access to install most programs. Windows Vista heuristically detects installation programs and requests administrator credentials or administrator approval in order to run with access privileges. Windows Vista also heuristically detects updater and un-installation programs,? Microsoft revealed in a Windows Vista technical article.
And the fact of the matter is that Windows Vista's installer detection process will look to the keywords included in a filename. ?Install,? ?Setup,? and ?Update? are some of the keywords that Windows Vista considers attributes of an installer. However, the operating system is not as simplistic as it might seem. Vista also identifies application manifests with appropriate requestedExecutionLevel elements that override Installer Detection.
Still, Vista's Installer Detection, valid only for the 32-bit editions, also applies to 32 bit executables, applications without a requestedExecutionLevel, interactive processes running as a Standard User with UAC enabled and keywords that associate the files with an installer.