News

Free Microsoft Tool Tests Corporate Apps for Vista Compatibility

Microsoft has released a tool to help IT shops and developers determine if changes are needed to users’ applications in order to run under Windows Vista.

The Standard User Analyzer version 1.0 is designed to aid developers and IT professionals in diagnosing issues that would prevent a program from running properly without administrator privileges. With Vista’s User Account Protection (also referred to as User Account Control or UAC), even administrators run most programs with standard user privileges by default. That means that applications can no longer have administrator access, and therefore applications that require those privileges will not run under Vista without changes.

The Standard User Analyzer is designed to be run on the developer or tester’s workstation to test and troubleshoot a specific application. Microsoft says that the tool can identify a range of administrator dependencies, including file and registry access, INI files, and security privileges, as well as token and name space issues.

According to documents on Microsoft’s site, the Standard User Analyzer is designed to complement Microsoft’s Application Compatibility Toolkit (ACT) 5.0, which will include a UAC agent that can be deployed to users’ desktops to identify applications that require administer privileges. Issues identified with the Standard User Analyzer can also be entered into the ACT 5.0 database so that application compatibility can be tracked across environments.

UAC is a major new security feature in Vista. It modifies the way users are provided access for making system changes. In previous Windows releases, performing IT-related tasks such as installing programs, device drivers and the like required administrator privileges. Additionally, many existing applications require that they run in administrator-level security. Those applications may not continue to function under Vista without changes, which the tool is meant to help identify.

In UAC, a user has a basic set of "standard" low-level rights and privileges. Since many malware attack vectors exploit security holes that allow them to take on the current user’s or application’s security level, the standard mode provides only the privileges needed to perform basic tasks. Since the user in standard mode doesn’t have the rights to perform administrative tasks, a successful attack that took control of the user’s account would only let the attacker perform a limited set of actions.

Likewise, applications are no longer allowed to run at administrator-level, so many custom corporate applications may need to be modified to run under the new model. Thus, Microsoft has asked third-party developers and IT organizations to check their applications and make changes necessary to enable them to run. The Standard User Analyzer is meant to help identify which applications have problems running under UAC.

Download the Standard User Analyzer 1.0 here.

About the Author

Stuart J. Johnston has covered technology, especially Microsoft, since February 1988 for InfoWorld, Computerworld, Information Week, and PC World, as well as for Enterprise Developer, XML & Web Services, and .NET magazines.

Featured

  • Image of a futuristic maze

    The 2024 Microsoft Product Roadmap

    Everything Microsoft partners and IT pros need to know about major Microsoft product milestones this year.

  • SharePoint Embedded Becomes Generally Available

    After a six-month preview, SharePoint Embedded, an API-based version of SharePoint that developers and ISVs can use to embed Microsoft 365 capabilities into their apps, is now generally available.

  • Copilot in Microsoft 365 Getting Agents, Extensions and Team (Not Teams) Support

    Microsoft is adding more functionality to its Copilot AI assistant aimed at improving business collaboration, processes and workflows for Microsoft 365 users.

  • Microsoft Giving Startups Templates To Build AI Apps

    A new perk for businesses enrolled in the Microsoft for Startups Founders Hub program aims to fast-track their ability to build AI-powered applications.