News

Free Microsoft Tool Tests Corporate Apps for Vista Compatibility

Microsoft has released a tool to help IT shops and developers determine if changes are needed to users’ applications in order to run under Windows Vista.

The Standard User Analyzer version 1.0 is designed to aid developers and IT professionals in diagnosing issues that would prevent a program from running properly without administrator privileges. With Vista’s User Account Protection (also referred to as User Account Control or UAC), even administrators run most programs with standard user privileges by default. That means that applications can no longer have administrator access, and therefore applications that require those privileges will not run under Vista without changes.

The Standard User Analyzer is designed to be run on the developer or tester’s workstation to test and troubleshoot a specific application. Microsoft says that the tool can identify a range of administrator dependencies, including file and registry access, INI files, and security privileges, as well as token and name space issues.

According to documents on Microsoft’s site, the Standard User Analyzer is designed to complement Microsoft’s Application Compatibility Toolkit (ACT) 5.0, which will include a UAC agent that can be deployed to users’ desktops to identify applications that require administer privileges. Issues identified with the Standard User Analyzer can also be entered into the ACT 5.0 database so that application compatibility can be tracked across environments.

UAC is a major new security feature in Vista. It modifies the way users are provided access for making system changes. In previous Windows releases, performing IT-related tasks such as installing programs, device drivers and the like required administrator privileges. Additionally, many existing applications require that they run in administrator-level security. Those applications may not continue to function under Vista without changes, which the tool is meant to help identify.

In UAC, a user has a basic set of "standard" low-level rights and privileges. Since many malware attack vectors exploit security holes that allow them to take on the current user’s or application’s security level, the standard mode provides only the privileges needed to perform basic tasks. Since the user in standard mode doesn’t have the rights to perform administrative tasks, a successful attack that took control of the user’s account would only let the attacker perform a limited set of actions.

Likewise, applications are no longer allowed to run at administrator-level, so many custom corporate applications may need to be modified to run under the new model. Thus, Microsoft has asked third-party developers and IT organizations to check their applications and make changes necessary to enable them to run. The Standard User Analyzer is meant to help identify which applications have problems running under UAC.

Download the Standard User Analyzer 1.0 here.

About the Author

Stuart J. Johnston has covered technology, especially Microsoft, since February 1988 for InfoWorld, Computerworld, Information Week, and PC World, as well as for Enterprise Developer, XML & Web Services, and .NET magazines.

Featured

  • The 2021 Microsoft Product Roadmap

    From Windows 10X to the next generation of Microsoft's application server products, here are the product milestones coming down the pipeline in 2021.

  • After High-Profile Attacks, Biden Calls for Better Software Security

    Recent high-profile security attacks have prompted the Biden administration to issue an executive order aiming to tighten software security practices across the board.

  • With Hybrid Networks on Rise, Microsoft Touts Zero Trust Security

    Hybrid networks, which combine use of cloud services with on-premises software, require a "zero trust" security approach, Microsoft said this week.

  • Feds Advise Orgs on How To Block Ransomware Amid Colonial Pipeline Attack

    A recent ransomware attack on a U.S. fuel pipeline company has put a spotlight on how "critical infrastructure" organizations can prevent similar attacks.