April 9th, 2007
![Windows Vista](http://www.microsoft.com/library/media/1033/windows/images/products/windowsvista/quick_vista.gif) There are some interesting thing which I tried to understand the [different UAC behavior with Vista verion #5XXX with RTM version](http://technet.microsoft.com/en-us/windowsvista/aa905117.aspx). |
- **How to not store file in virtual store when UAC is turn on?
**Ans: Use trust info in your manifest info. It can announce UAC not to use virtual store(Virtual Store Redirection was implemented to maximise compatibility of applications moving into the more secure Windows Vista environment without the need to recompile application code).
What if you don’t want to save file in virtual store when your privilege is not administrator? (Just let don’t let user to write file in such C:Program Files; C:; C:Windows … etc)
If you add follow code in you manifest, virtual store will be disable.
For this case, you should add trust infomation in your manifest file which like (Require Administrator/As Invoker). You can refer this article for more detail.
- **Don’t use MT.exe to link manifest resource in your .exe and .dll
**Ans: As I found trust information about manifest file in Microsoft Forum. This discussion thread also suggest us not to use MT.exe to link manifest information in your .exe and .dll, since there might a bug from Microsoft which will cause Blue screen (Yes,!! Blue God damn screen.) or freeze in your computer.
It will happen when your manifest information contain
_
_For more information, you can refer this article(The computer may restart when you add a manifest that has the Windows Vista extension to an .exe file or to a .dll file in Windows XP Service Pack 2 (SP2)). It is better to use ThemeMe.exe to link it.
- **Does UAC really safe for us?
**Ans: There is also an interesting news which Symantec: Don’t Trust Windows Vista UAC Prompts!. This news show, Symantec found Microsoft can use RunLegacyCPLElevated.exe(Which is designed to provide backward compatibility by allowing legacy Windows Control Panel plug-ins to run with full administrative privileges.) to get full administration privilege to call interface “CPlApplet”, which is then called with a number of different parameters depending on the action being performed.