Windows Vista Security Guide
Chapter 4: Application Compatibility
Application compatibility is always a critical and important challenge that organizations must address when deploying a new operating system. A large part of the development effort for Windows Vista™ involved helping to ensure that the new features and services in the operating system maintain a high level of functionality and compatibility with older programs. Throughout development, the Microsoft Application Experience Team tested many applications from a wide range of third-party vendors.
The security settings prescribed in this guide to harden Windows Vista have been extensively tested to work compatibly with the core operating system, as well as with the Microsoft® Office suite of applications. Applications that run on Windows Vista should continue to operate properly on client computers subject to the setting recommendations in this guide.
However, there is a possibility that older applications may not work properly with some of the new security technologies built into Windows Vista. Technologies such as User Account Control (UAC) and Windows Resource Protection can interfere with older applications.
The Microsoft Solution Accelerator for Business Desktop Deployment (BDD) 2007 contains comprehensive application compatibility guidance to enable IT professionals to test applications for compatibility with Windows Vista, and mitigate compatibility issues discovered during the process. For more information, see the Application Compatibility Feature Team Guide on Microsoft TechNet®.
This chapter includes simple procedures that you can use to test the level of compatibility of your applications with Windows Vista, discusses some of the more common causes of application compatibility issues, and provides pointers to available resources that can help you to address them.
On This Page
Thirty-Minute Compatibility Check
This section provides guidance on how to test and evaluate application compatibility with Windows Vista. It includes two scenarios that you can use to test application compatibility with the operating system. These will help you to:
To test an application with a clean installation of Windows Vista
To test an application with an upgrade to Windows Vista from Windows XP SP2
If you complete both scenarios and determine that the application performs properly, you can assume that it will work with Windows Vista.
Known Application Compatibility Issues
This section describes several of the most common new technologies, enhancements, and changes in Windows Vista that are known to cause application compatibility issues. Where possible, this section also includes ways to potentially mitigate them.
Important Test all third-party applications that you plan to use in your environment with Windows Vista to ensure that they will work properly with the operating system.
The following new security enhancement features in Windows Vista may cause compatibility issues with third-party applications:
Operating System Changes and Innovations
The following new operating system changes and innovations in Windows Vista may cause compatibility issues with third-party applications:
The Windows Vista Developer Story: Application Compatibility Cookbook on MSDN provides additional information about these security enhancements and operating system changes and innovations in Windows Vista. The cookbook also provides test approaches and possible remedies for most of these compatibility issues.
Tools and Resources
This section provides brief overviews and pointers to several features and technologies available for Windows Vista that are designed to help you address application compatibility issues.
Program Compatibility Assistant
This feature automatically specifies an appropriate "compatibility mode" for applications designed to run with previous versions of Windows. When Windows Vista detects applications that need to run in compatibility modes for Windows XP, Windows 2000, or later versions of Windows, the operating system directs the applications to be updated automatically to run on Windows Vista without further user intervention.
For more information, see the Program Compatibility Assistant: frequently asked questions page of the Windows Vista Help and Support Web site.
Program Compatibility Wizard
The Program Compatibility Wizard is included with Windows Vista to assist you when a program written for an earlier version of Windows does not run correctly. The wizard will help you specify compatibility settings for the program, which will resolve application compatibility issues for many older programs.
To access the Program Compatibility Wizard, double click the Program Compatibility Wizard icon on your desktop.
For more information, see the Make older programs run in this version of Windows page of the Windows Vista Help and Support Web site.
Do not run the Program Compatibility Wizard on older antivirus programs, disk utilities, or other system programs because it might cause data loss or create a security risk. Instead, use only versions of these programs and utilities designed specifically to work with Windows Vista.
Microsoft Standard User Analyzer
This application compatibility tool helps developers and IT professionals diagnose issues that would prevent a program from running properly without administrative privileges. Using the Standard User Analyzer to test your application can identify issues with file access, registry access, tokens, and other protected areas of the operating system.
On Windows Vista, even administrators run most programs with standard user privileges by default. This tool helps you to ensure that your application does not have administrator access as a dependency. Results display in a simple graphical interface.
You can download this tool from the Microsoft Standard User Analyzer on the Microsoft Download Center.
Application Compatibility Toolkit
Microsoft has made available a suite of tools and documentation to help you identify and manage your organization’s application portfolio. The Windows Application Compatibility Toolkit (ACT) is designed to help you reduce the cost and time involved to resolve application compatibility issues to better enable you to quickly deploy Windows Vista.
ACT can help you prepare to use Windows Vista by detailing your existing application inventory, managing critical applications, and determining the extent of your application environment that may require special attention in preparation for Windows Vista.
ACT 4.1 is currently available and was delivered to assist customers with their Windows XP SP2 deployment. ACT 4.1 examines DCOM interfaces, firewall settings, and Internet Explorer issues. ACT was designed to identify applications that require further testing, to identify outdated ones, and to determine which applications are already compatible with SP2, enabling you to prioritize your efforts.
ACT 5.0 has been specifically updated to support the security features of Windows Vista.
Enhancements in this toolkit include:
For more information about the toolkit, see the Windows Application Compatibility page on TechNet.
In addition to specific application compatibility tools and resources, there are additional Microsoft technologies you can use to address application compatibility issues that might take some time to fully resolve. These technologies are designed to help you migrate to Windows Vista, and continue to run business critical applications that are not compatible with Windows Vista. These technologies include the following:
The following links provide additional information about Windows Vista application compatibility related topics:
In This Article
Este conteúdo não está disponível em seu idioma, mas aqui está a versão em inglês.