When trying to install third party software under Vista, you can run into the following trouble:
Software would like to disable UAC entirely.
Sample application: EasyBCD
Software needs to be added to DEP exemption list, because it's somehow protected ("packed").
... and the error message will puzzle most (if not all) end-users :)
Sample application: AuctionSentry
Software needs a compatibility pack from Microsoft
I guess compatibility packs rely on the Shim Engine, but I have never dug too deep in those mechanisms. Let's say that it is a database of big hacks to get crappy applications working :)
Sample : March 2007 Windows Vista Application Compatibility Update
You wait 3 monthes for an upgrade
Sample : iTunes [*], Microsoft Visual Studio 2005 [**]
[*] It seems also that iTunes will never be Vista64-compatible.
[**] Visual Studio 2005 still needs to be "elevated" to run properly on Vista.
You wait 3 monthes, but the upgrade is not free
Sample : some Adobe products
Oh yeah, I almost forgot. The software can play nice on 1st try! ;)
Thursday, January 31, 2008
Wednesday, January 30, 2008
MOVB-11 Vista logging
A nice finding about Windows Vista logging:
http://www.heysoft.de/Frames/Vista_Remarks1_en.htm
In short, most event log files are not properly referenced in the registry. Under HKLM\System\CCS\Services\EventLog\*\, the "File" entry has a ".elf" suffix, whereas Vista file format is ".evtx".
Consequently, most remote log reading tools (like Windows XP's Event Viewer, but most log collection tools could be affected) are unable to access Vista event logs.
This has been confirmed on my up-to-date Vista 64 system.
The conclusion from this guy is: "I must admit that I do now better understand all those people why say that they never install a Windows operating system in a production environment before its first Service Pack is out."
Fortunately, SP1 is due for Q1 2008 :)
http://www.heysoft.de/Frames/Vista_Remarks1_en.htm
In short, most event log files are not properly referenced in the registry. Under HKLM\System\CCS\Services\EventLog\*\, the "File" entry has a ".elf" suffix, whereas Vista file format is ".evtx".
Consequently, most remote log reading tools (like Windows XP's Event Viewer, but most log collection tools could be affected) are unable to access Vista event logs.
This has been confirmed on my up-to-date Vista 64 system.
The conclusion from this guy is: "I must admit that I do now better understand all those people why say that they never install a Windows operating system in a production environment before its first Service Pack is out."
Fortunately, SP1 is due for Q1 2008 :)
Tuesday, January 29, 2008
MOVB-10 Bug or security flaw?
[ MOVB is back on track ... time to finish up, before Vista SP1 being out! ]
An interesting bug from Microsoft Knowledge Base 945438:
An interesting bug from Microsoft Knowledge Base 945438:
Consider the following scenario:What is more interesting is the logic behind this bug:In this scenario, the application crashes.
- On a computer that is running Windows Vista, you use Microsoft Office PowerPoint 2007 to record audio, or you use another application to record audio.
- The application calls the acmFormatChoose function to display a dialog box so that you can select the waveform-audio format.
The acmFormatChoose function tries to free a pointer that was not allocated.Bug or security flaw? Given Vista heap protections, this one might be hard to exploit, even locally. But who dares to say impossible, when it comes to bug exploitation?
Subscribe to:
Posts (Atom)
