Installing or uninstalling applications, making changes to system settings – these are all linked to the all-important registry values in the Windows family of operating systems, and Vista is no exception.
However, one thing that Vista can do is protect itself from unwanted registry changes which might break the operating system.
The concept of User Account Control, or UAC, is like sudo privileges in its *nix counterparts. Changing system state only when an authorized account (the almighty Administrator) allows it is the job of UAC in Vista.
There is one more way, though, in which Vista guards itself from unwanted changes: it’s called File and Registry virtualization.
Let’s see the possibilities of the Vista security framework:
1. When a user tries to access the registry editor, UAC will jump in and ask for an administrator password to allow access; otherwise it will block the attempt.
2. When a program tries to install on Vista, it has to change the registry settings to allow it to run. Here again UAC asks for valid authorization and then allows the program to install.
3. When a legacy or old program fails to launch, File and Registry virtualization comes into play.
It will make virtual %SystemRoot% and %ProgramFiles% folders, and a virtual HKEY_LOCAL_MACHINE Registry entry. These virtual folders and the virtual entry are stored with the user’s files, so the Registry itself, as well as the %SystemRoot% and %ProgramFiles% folders, are not altered in any way, thereby protecting the system files and the Registry.
By doing this it puts the legacy application in a protective bubble, so that it can access the virtual files and registry within that bubble without actually touching the “real” file and registry structure in Vista.
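To see what virtualization has actually redirected for the current user, here is an added example (not part of the original post). It assumes the per-user stores are %LOCALAPPDATA%\VirtualStore and HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE, which the post does not name, and that the protected folders live on the system drive; the function names are illustrative.

```powershell
# Added example: list what UAC virtualization has redirected for the current user.
# Assumed store locations (not named in the post):
$FileStore = Join-Path $env:LOCALAPPDATA 'VirtualStore'
$RegStore  = 'HKCU:\Software\Classes\VirtualStore\MACHINE\SOFTWARE'

function Get-VirtualizedFile {
    param([string]$Store = $FileStore)
    if (-not (Test-Path -LiteralPath $Store)) { return }
    $root = (Get-Item -LiteralPath $Store -Force).FullName.TrimEnd('\')
    Get-ChildItem -LiteralPath $Store -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer } |
        ForEach-Object {
            # The path below the store mirrors the protected path on the system
            # drive (assumption: protected folders live on %SystemDrive%).
            $relative = $_.FullName.Substring($root.Length).TrimStart('\')
            $real     = Join-Path ($env:SystemDrive + '\') $relative
            New-Object PSObject -Property @{
                VirtualCopy   = $_.FullName
                RealPath      = $real
                RealExists    = Test-Path -LiteralPath $real
                LastWriteTime = $_.LastWriteTime
            }
        }
}

function Get-VirtualizedRegistryKey {
    param([string]$Store = $RegStore)
    if (-not (Test-Path -Path $Store)) { return }
    Get-ChildItem -Path $Store -Recurse -ErrorAction SilentlyContinue |
        ForEach-Object {
            # Map the per-user copy back to the HKEY_LOCAL_MACHINE key it shadows.
            $real = $_.Name -replace '^HKEY_CURRENT_USER\\Software\\Classes\\VirtualStore\\MACHINE',
                                     'HKEY_LOCAL_MACHINE'
            New-Object PSObject -Property @{
                VirtualKey = $_.Name
                RealKey    = $real
                ValueCount = $_.ValueCount
            }
        }
}

Get-VirtualizedFile |
    Sort-Object LastWriteTime -Descending |
    Format-Table LastWriteTime, RealExists, RealPath, VirtualCopy -AutoSize
Get-VirtualizedRegistryKey | Format-Table ValueCount, RealKey, VirtualKey -AutoSize
```

A row with RealExists set to False is a file that exists only in the user's virtual copy, so other accounts on the same machine never see it.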
Hope this boring but informative post gives some insight into the application security aspect of Windows Vista.