The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,497 other followers

Unless you write an installer with the right manifest, don’t include Installer, Update, Upgrade, Setup, … in your EXE name

Posted by jpluimers on 2015/09/28

I’ve seen this question coming up a few times, and bumped into this at a client recently: the UAC dialog coming up when debugging a 32-bit executable.

This is caused (more details below) by Installer Detection Technology introduced in Windows Vista (with UAC) and tightened in more modern Windows versions.

The solution is to either:

  • not include Installer, Patch, Update, Upgrade, Setup, … in your EXE name
  • provide a correct manifest to your EXE (getting this right can be hard)
  • don’t use x86 as platform target

For software you don’t have source code for, you can alter the manifest with a requestedExecutionLevel elementFixing the way Vista Auto-detects Installers – Ben’s Writing.

A few links on Installer Detection Technology in Windows:

Then a quote assembled from the above MSDN documentation:

Windows Vista/7+ Installer Detection Technology

Important

When developing new installation programs, much like developing programs for Windows Vista+, be sure to embed an application manifest with an appropriate requestedExecutionLevel element (see Step 6: Create and Embed an Application Manifest in downloadable Help file). When the requestedExecutionLevel is present in the embedded application manifest, it overrides Installer Detection.

Windows heuristically detects

  • installation programs and requests administrator credentials or approval from the administrator user in order to run with access privileges. […]
  • updates and programs that uninstall applications.

One of the design goals of UAC is to prevent installations from being run without the user’s knowledge and consent because installation programs write to protected areas of the file system and registry.

Installer Detection only applies to:

  1. 32 bit executables
  2. Applications without a requested execution level attribute: requestedExecutionLevel
  3. Interactive processes running as a Standard User with UAC enabled

Before a 32-bit process is created, the following attributes are checked to determine whether it is an installer:

  • The file name includes keywords such as “install,” “setup,” or “update.”
  • Versioning Resource fields contain the following keywords: Vendor, Company Name, Product Name, File Description, Original Filename, Internal Name, and Export Name.
  • Keywords in the side-by-side manifest are embedded in the executable file.
  • Keywords in specific StringTable entries linked in the executable file.
  • Key attributes in the resource script data are linked in the executable file.
  • There are targeted sequences of bytes within the executable file.

Ensure that you thoroughly review the entirety of this document, including “Step 6: Create and Embed an Application Manifest” in the downloadable Help File.

Note

The keywords and sequences of bytes were derived from common characteristics observed from various installer technologies.

Note

The User Account Control: Detect application installations and prompt for elevation policy setting must be enabled for installer detection to detect installation programs. This setting is enabled by default and can be configured locally by using the Local Security Policy snap-in (Secpol.msc) or configured for the domain, OU, or specific groups by Group Policy (Gpedit.msc).

For general information and an overview of the Windows Installer, see Windows Installer in the MSDN Library (http://go.microsoft.com/fwlink/?LinkId=120410).

Note:

–jeroen

One Response to “Unless you write an installer with the right manifest, don’t include Installer, Update, Upgrade, Setup, … in your EXE name”

  1. David Heffernan said

    It’s wrong to suggest that it’s fine to omit the manifest, so long as the exe name doesn’t include the various magic words.

    Omitting a manifest means your process will execute virtualized. That has many serious consequences. The manifest was introduced nearly 15 years ago. We really ought to be able to deal with them by now.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

 
%d bloggers like this: