Unless you write an installer with the right manifest, don’t include Installer, Update, Upgrade, Setup, … in your EXE name
Posted by jpluimers on 2015/09/28
I’ve seen this question coming up a few times, and bumped into this at a client recently: the UAC dialog coming up when debugging a 32-bit executable.
This is caused (more details below) by Installer Detection Technology introduced in Windows Vista (with UAC) and tightened in more modern Windows versions.
The solution is to either:
- not include Installer, Patch, Update, Upgrade, Setup, … in your EXE name
- provide a correct manifest to your EXE (getting this right can be hard)
- don’t use x86 as platform target
For software you don’t have source code for, you can alter the manifest with a requestedExecutionLevel element: Fixing the way Vista Auto-detects Installers – Ben’s Writing.
A few links on Installer Detection Technology in Windows:
- Questions
- c# – Program Compatibility Assistant thinks my app is an installer – Stack Overflow.
- windows server 2003 – UAC thinks my Application is an installer Part 2 – Stack Overflow.
- delphi – How do I avoid UAC when my EXE file name contains the word “update”? – Stack Overflow.
- All the created “*update*.exe” files carry the shield overlay. But why? And where and how can I turn this off?.
- UAC, Shield Icons, and setup programs.
- Francisco Falcon on Twitter: “RE: Win asking for elevation when .exe filename includes substr “update”,it’s called “Installer Detection Technology” http://t.co/Rnxi9Drz37″.
- MSDN documentation
Then a quote assembled from the above MSDN documentation:
Windows Vista/7+ Installer Detection Technology
Important
When developing new installation programs, much like developing programs for Windows Vista+, be sure to embed an application manifest with an appropriate requestedExecutionLevel element (see Step 6: Create and Embed an Application Manifest in downloadable Help file). When the requestedExecutionLevel is present in the embedded application manifest, it overrides Installer Detection.
Windows heuristically detects
- installation programs and requests administrator credentials or approval from the administrator user in order to run with access privileges. […]
- updates and programs that uninstall applications.
One of the design goals of UAC is to prevent installations from being run without the user’s knowledge and consent because installation programs write to protected areas of the file system and registry.
Installer Detection only applies to:
- 32 bit executables
- Applications without a requested execution level attribute:
requestedExecutionLevel
- Interactive processes running as a Standard User with UAC enabled
Before a 32-bit process is created, the following attributes are checked to determine whether it is an installer:
- The file name includes keywords such as “install,” “setup,” or “update.”
- Versioning Resource fields contain the following keywords: Vendor, Company Name, Product Name, File Description, Original Filename, Internal Name, and Export Name.
- Keywords in the side-by-side manifest are embedded in the executable file.
- Keywords in specific
StringTable
entries linked in the executable file.- Key attributes in the resource script data are linked in the executable file.
- There are targeted sequences of bytes within the executable file.
Ensure that you thoroughly review the entirety of this document, including “Step 6: Create and Embed an Application Manifest” in the downloadable Help File.
Note
The keywords and sequences of bytes were derived from common characteristics observed from various installer technologies.
Note
The User Account Control: Detect application installations and prompt for elevation policy setting must be enabled for installer detection to detect installation programs. This setting is enabled by default and can be configured locally by using the Local Security Policy snap-in (Secpol.msc) or configured for the domain, OU, or specific groups by Group Policy (Gpedit.msc).
For general information and an overview of the Windows Installer, see Windows Installer in the MSDN Library (http://go.microsoft.com/fwlink/?LinkId=120410).
Note:
- Developer Best Practices and Guidelines for Applications in a Least Privileged Environment points to Windows Vista Application Development Requirements for User Account Control (UAC).
–jeroen
David Heffernan said
It’s wrong to suggest that it’s fine to omit the manifest, so long as the exe name doesn’t include the various magic words.
Omitting a manifest means your process will execute virtualized. That has many serious consequences. The manifest was introduced nearly 15 years ago. We really ought to be able to deal with them by now.