Windows 7 Application Compatibility. Dave Allen, ISV Application Architect, Microsoft UK, Dave.Allen@microsoft.com
Agenda: why your application might not work; User Account Control; new folder locations; Windows Resource Protection; Mandatory Integrity Control; User Interface Privilege Isolation; Internet Explorer Protected Mode; OS and IE versioning; Session 0 isolation; some less common issues.
Some of the cool stuff in Windows 7 Demo
Why: User Account Control. The OS is at risk from today's malware when the user runs as Administrator: malware can self-install with ease; security holes in software turn into privilege elevation; the extent of the damage malware can cause is potentially greater. Other issue: accidental damage caused by the user.
How: User Account Control. With Windows 7 all users run as Standard User by default, including members of the Administrators group. This is only true for interactive logons; services continue to run as they did in Windows XP.
How: User Account Control (cont.). Two tokens are created at logon (the "split token"). Standard User Token: the Administrators SID is set as Deny Only (it can still be used to deny access, but not to grant it); runs at medium integrity level (IL); most privileges are removed (e.g. SeDebugPrivilege). Administrator Token: the Administrators SID has all rights assigned; runs at high integrity level (IL); all privileges are present.
How: User Account Control (cont.). The Standard User Token is used until explicit consent is given (Consent UI); the Administrator Token is then used for that particular process only. Supporting feature: unnecessary administrator checks that existed in XP have been removed. Example: changing the time zone.
UAC: Elevation Details. The standard-user (or protected-administrator) process, explorer.exe, calls ShellExecute(elevatedapp.exe). The request travels over RPC to the AppInfo service, which runs as System. AppInfo launches consent.exe to show the elevation prompt and, once the user approves, calls CreateProcessAsUser(elevatedapp.exe) with the full administrator token. The new elevatedapp.exe process is re-parented so that it appears as a child of explorer.exe rather than of the service.
UAC: OTS Dialogs
UAC Split Token Demo
UAC: Running Apps Elevated. Right-click the program and choose Run as administrator. Compatibility fix (shim) or mode: Program properties, Compatibility tab, Run as administrator; or the RunAsAdmin shim in the system shim database. Installer detection: heuristics such as a string containing "Setup", "Install" or "Update" in the executable name or resource strings; MSIs are always detected as installers.
UAC: Running Apps Elevated (cont.). An application designed for Windows 7 carries a UAC manifest with <requestedExecutionLevel>. All applications should have one: it removes application compatibility overhead (some shims, PCA, virtualization) at run time. Internal manifest (compiled into the application binary): build the manifest into the binary; it takes precedence. External manifest (added as a separate file, MyApp.exe.manifest): unsupported, avoid!
UAC: Internal Manifest (cont.). requireAdministrator: the application runs only for administrators and must be launched with the full token of an administrator. asInvoker: the application runs with the same token as the parent process. highestAvailable: the application runs with the highest privileges the current user can obtain.
UAC: Internal Manifest (cont.). Extract the application manifest from the executable if it exists: mt -inputresource:elevatedapp.exe;#1 -out:extracted.manifest. Modify the manifest to add the UAC request:
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.exe"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
</asmv1:assembly>
Insert the modified manifest back into the executable: mt -manifest extracted.manifest -outputresource:elevatedapp.exe;#1
Side topic: Compatibility manifest. Modify the manifest to add the OS target:
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.exe"/>
  <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
    <application>
      <!-- The ID below indicates application support for Windows 7 -->
      <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
    </application>
  </compatibility>
</asmv1:assembly>
Combined Manifest. Combined UAC and compatibility manifest; note that <compatibility> is a sibling of <trustInfo> directly under <assembly>, not a child of it:
<?xml version="1.0" encoding="utf-8"?>
<asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.exe"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
  <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
    <application>
      <!-- The ID below indicates application support for Windows 7 -->
      <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
    </application>
  </compatibility>
</asmv1:assembly>
UAC: UI Design for Elevation. Send the BCM_SETSHIELD message to a button control using SendMessage. Button.FlatStyle has to be set to System; this fails for owner-drawn buttons, where you get the icon with HICON shieldIcon = LoadIcon(NULL, IDI_SHIELD); and render it in the owner-draw handler. Unmanaged code (C++): the SendMessage call can be invoked more easily via the Button_SetElevationRequiredState macro. Managed code (C#, VB.NET): use SystemIcons.Shield.
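Added example, not code from the deck or from Microsoft: a Python script that writes the combined manifest in the layout the slides describe (trustInfo and compatibility as siblings under assembly) and audits an existing manifest for the settings that matter under UAC. The Windows 7 supportedOS GUID is the one on the slide; the Windows Vista GUID, the audit wording and the sample mis-nested manifest are added here.

```python
"""Build and audit a Windows application manifest (UAC + compatibility).

Added example for this deck; not Microsoft code. Namespaces follow the
slides; the Windows Vista supportedOS GUID is the documented companion of
the Windows 7 GUID shown on the slide.
"""
import xml.etree.ElementTree as ET

ASM_V1 = "urn:schemas-microsoft-com:asm.v1"
ASM_V2 = "urn:schemas-microsoft-com:asm.v2"
ASM_V3 = "urn:schemas-microsoft-com:asm.v3"
COMPAT_V1 = "urn:schemas-microsoft-com:compatibility.v1"

WIN7_ID = "{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"   # from the slide
VISTA_ID = "{e2011457-1546-43c5-a5fe-008deee3d3f0}"  # documented Vista value
SUPPORTED_OS = {VISTA_ID: "Windows Vista", WIN7_ID: "Windows 7"}
VALID_LEVELS = {"asInvoker", "highestAvailable", "requireAdministrator"}


def build_manifest(name, level="asInvoker", ui_access=False, os_ids=(WIN7_ID,)):
    """Return a combined UAC + compatibility manifest as a string.

    trustInfo and compatibility are siblings under <assembly>; nesting
    compatibility inside trustInfo is an easy copy-paste slip and leaves the
    supportedOS entries unread.
    """
    if level not in VALID_LEVELS:
        raise ValueError(f"unknown requestedExecutionLevel: {level}")
    os_lines = "\n".join(f'      <supportedOS Id="{i}"/>' for i in os_ids)
    return f"""<?xml version="1.0" encoding="utf-8"?>
<assembly manifestVersion="1.0" xmlns="{ASM_V1}">
  <assemblyIdentity version="1.0.0.0" name="{name}"/>
  <trustInfo xmlns="{ASM_V2}">
    <security>
      <requestedPrivileges xmlns="{ASM_V3}">
        <requestedExecutionLevel level="{level}" uiAccess="{str(ui_access).lower()}"/>
      </requestedPrivileges>
    </security>
  </trustInfo>
  <compatibility xmlns="{COMPAT_V1}">
    <application>
{os_lines}
    </application>
  </compatibility>
</assembly>
"""


def audit_manifest(xml_text):
    """Report the UAC level, uiAccess flag, declared OS support and findings."""
    root = ET.fromstring(xml_text)
    findings = []
    level = ui_access = None

    rel = root.find(f".//{{{ASM_V3}}}requestedExecutionLevel")
    if rel is None:
        findings.append("no requestedExecutionLevel: virtualization, PCA and installer heuristics stay active")
    else:
        level = rel.get("level")
        ui_access = rel.get("uiAccess", "false").lower() == "true"
        if level not in VALID_LEVELS:
            findings.append(f"invalid requestedExecutionLevel: {level}")
        if ui_access:
            findings.append("uiAccess=true: binary must be signed and installed under Program Files")

    compat = root.find(f"{{{COMPAT_V1}}}compatibility")   # must be a direct child of <assembly>
    os_names = []
    if compat is None:
        if root.find(f".//{{{COMPAT_V1}}}compatibility") is not None:
            findings.append("compatibility element is not a direct child of assembly; it will be ignored")
    else:
        os_names = [SUPPORTED_OS.get(e.get("Id"), e.get("Id"))
                    for e in compat.iter(f"{{{COMPAT_V1}}}supportedOS")]
    if "Windows 7" not in os_names:
        findings.append("no Windows 7 supportedOS entry: the app is treated as a Vista-era application")

    return {"level": level, "uiAccess": ui_access, "supportedOS": os_names, "findings": findings}


# Constructed sample reproducing the mis-nesting (compatibility inside trustInfo).
BAD_MANIFEST = f"""<?xml version="1.0" encoding="utf-8"?>
<assembly manifestVersion="1.0" xmlns="{ASM_V1}">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.exe"/>
  <trustInfo xmlns="{ASM_V2}">
    <security>
      <requestedPrivileges xmlns="{ASM_V3}">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
    <compatibility xmlns="{COMPAT_V1}">
      <application><supportedOS Id="{WIN7_ID}"/></application>
    </compatibility>
  </trustInfo>
</assembly>
"""

if __name__ == "__main__":
    print(audit_manifest(build_manifest("MyApplication.exe")))
    print(audit_manifest(BAD_MANIFEST))
```

Feed the output of mt -inputresource:... -out:extracted.manifest to audit_manifest to check a shipped binary; an empty findings list with level asInvoker is what a Windows 7 standard-user application should show.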
Elevation, Manifests, and UI Design Demo
Why: Program Compatibility Assistant. The Program Compatibility Assistant (PCA) automates mitigation of some UAC (and other) compatibility issues and attempts to detect whether a program is an installer. Client-only feature, not present in Server. PCA monitors attempts to: create a sub-folder in "Program Files"; copy exe or dll files into the new folder; overwrite system files; fail to write to the "Program Database"; etc.
How: Program Compatibility Assistant. If PCA detects a compatibility issue it notifies the user AND either applies a solution (high confidence) OR offers to apply a solution (medium confidence).
UAC: Virtualization. Redirects privileged file access under C:\Program Files and C:\Windows to C:\Users\%username%\AppData\Local\VirtualStore. Redirects registry access from HKLM to HKCU\Software\Classes\VirtualStore\MACHINE. Adding a manifest disables virtualization and the Program Compatibility Assistant (PCA).
UAC: Virtualization (cont.). Redirection is "sticky": once a file has been virtualized, reads are redirected as well. Deleting all virtual copies removes the stickiness. Elevated processes are not affected. Side effect: multiple virtualized copies (one per user and one for admin).
Virtualization Demo
UAC: Symptoms. Explicit access-right error message; the Event Log contains security or application messages indicating security problems; the application crashes, fails to install, or fails to update via its automatic updater; the application fails to remember saved settings. Symptoms vary widely and are difficult to diagnose.
UAC: Investigation. Determine whether the application was designed to run as administrator: run as administrator, does it work? Run as standard user and check the redirection locations C:\Users\%username%\AppData\Local\VirtualStore and HKCU\Software\Classes\VirtualStore\MACHINE. Event Log: logs relevant to UAC. Process Monitor (Procmon) for failed access: http://technet.microsoft.com/en-gb/sysinternals/bb896645.aspx
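Added example, not from the deck or from Sysinternals: a Python triage helper that takes a Procmon CSV export, keeps the ACCESS DENIED events and computes where a virtualized write would have landed (the VirtualStore paths from the slide), so both the real and the redirected location can be checked. The CSV lines are constructed; the Program Files (x86) root and the virtualization_applies rules (no manifest, 32-bit, interactive, not elevated) are added here from the documented behaviour and are not on the slide.

```python
"""Map Procmon ACCESS DENIED events to UAC VirtualStore locations.

Added example for this deck; the capture below is constructed, not real.
"""
import csv
import io

PROCMON_CSV = r'''"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","legacyapp.exe","4120","CreateFile","C:\Program Files\LegacyApp\settings.ini","ACCESS DENIED","Desired Access: Generic Write"
"10:01:02.2","legacyapp.exe","4120","RegSetValue","HKLM\SOFTWARE\LegacyApp\LastRun","ACCESS DENIED","Type: REG_SZ"
"10:01:02.3","legacyapp.exe","4120","CreateFile","C:\Users\alice\AppData\Local\LegacyApp\cache.db","SUCCESS","Desired Access: Generic Write"
'''

LOCAL_APPDATA = r"C:\Users\%username%\AppData\Local"      # substitute the real profile when you look
VIRTUAL_STORE_KEY = r"HKCU\Software\Classes\VirtualStore\MACHINE"
# Roots whose writes are virtualized; "(x86)" is assumed for 64-bit hosts and is not on the slide.
VIRTUALIZED_FILE_ROOTS = (r"C:\Program Files", r"C:\Program Files (x86)", r"C:\Windows")


def virtual_store_path(path):
    """Return the VirtualStore twin of a file path, or None if not virtualized."""
    low = path.lower()
    for root in VIRTUALIZED_FILE_ROOTS:
        r = root.lower()
        if low == r or low.startswith(r + "\\"):
            return LOCAL_APPDATA + r"\VirtualStore" + path[len("C:"):]
    return None


def virtual_store_key(key):
    """Return the VirtualStore twin of an HKLM\\SOFTWARE key, or None."""
    hive, _, subkey = key.partition("\\")
    if hive.upper() not in ("HKLM", "HKEY_LOCAL_MACHINE"):
        return None
    if not subkey.lower().startswith("software\\"):
        return None          # only the HKLM\Software subtree is virtualized
    return VIRTUAL_STORE_KEY + "\\" + subkey


def virtualization_applies(*, has_manifest, is_64bit, elevated, interactive=True):
    """Virtualization is off for manifested, 64-bit, elevated or non-interactive processes."""
    return not (has_manifest or is_64bit or elevated or not interactive)


def triage_procmon(csv_text):
    """For every ACCESS DENIED row, say where a virtualized copy would live."""
    hits = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Result"] != "ACCESS DENIED":
            continue
        path = row["Path"]
        if row["Operation"].startswith("Reg"):
            target = virtual_store_key(path)
        else:
            target = virtual_store_path(path)
        hits.append({"op": row["Operation"], "path": path, "look_in": target})
    return hits


if __name__ == "__main__":
    for hit in triage_procmon(PROCMON_CSV):
        print(hit["op"], hit["path"], "->", hit["look_in"])
```

A look_in of None means the location is never virtualized, so the denial is a genuine permissions problem rather than a redirection side effect; if virtualization_applies is False for the process (manifested, 64-bit or elevated), the VirtualStore copies are not consulted at all and stale copies from earlier runs can only confuse the picture.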
Event Log Demo
UAC: MSIs. Symptom: an MSI with a custom action fails with a UAC error despite elevation. Cause: the MSI contains a custom action that impersonates the user (the default). Example: ActionType=1025 = msidbCustomActionTypeInScript (0x400, deferred) + msidbCustomActionTypeDll (0x1) = 0x401, with msidbCustomActionNoImpersonate (0x800) not set.
UAC: MSIs (cont.). Fixes: redesign to select not impersonating the user by setting the msidbCustomActionNoImpersonate bit (0x800); example: ActionType 1025 (0x401) becomes 3073 (0xC01). Edit the MSI with Orca.exe to change the relevant ActionType fields. Alternatively run from an elevated command prompt.
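Added example, not code from the deck or from Windows Installer: a Python decoder for CustomAction Type values that shows the 1025 to 3073 fix from the slide and scans a table for deferred actions that still impersonate the user. The bit values are the documented msidbCustomActionType* constants; the CustomAction rows are constructed.

```python
"""Decode Windows Installer CustomAction Type values and fix impersonation.

Added example for this deck (not Microsoft code); the bit values are the
msidbCustomActionType* constants, the table rows are constructed.
"""

TYPE_MASK = 0x0007
BASE_TYPES = {1: "DLL", 2: "EXE", 3: "TextData", 5: "JScript", 6: "VBScript", 7: "NestedInstall"}
IN_SCRIPT = 0x0400        # msidbCustomActionTypeInScript: deferred, runs from the install script
ROLLBACK = 0x0100         # msidbCustomActionTypeRollback (only meaningful with IN_SCRIPT)
COMMIT = 0x0200           # msidbCustomActionTypeCommit   (only meaningful with IN_SCRIPT)
NO_IMPERSONATE = 0x0800   # msidbCustomActionTypeNoImpersonate: run as LocalSystem, not the user


def decode(action_type):
    """Split a CustomAction.Type integer into the fields that matter for UAC."""
    base = action_type & TYPE_MASK
    deferred = bool(action_type & IN_SCRIPT)
    return {
        "base": BASE_TYPES.get(base, f"unknown({base})"),
        "deferred": deferred,
        "rollback": deferred and bool(action_type & ROLLBACK),
        "commit": deferred and bool(action_type & COMMIT),
        # Only deferred actions can drop impersonation; immediate ones always run as the invoking user.
        "impersonates_user": not (deferred and action_type & NO_IMPERSONATE),
    }


def with_no_impersonate(action_type):
    """Apply the fix from the slide: 1025 (0x401) becomes 3073 (0xC01)."""
    if not decode(action_type)["deferred"]:
        raise ValueError("NoImpersonate only applies to deferred (in-script) actions")
    return action_type | NO_IMPERSONATE


# Constructed CustomAction table rows: (Action, Type, Source, Target).
CUSTOM_ACTION_TABLE = [
    ("CA_WriteMachineConfig", 1025, "MyDll.dll", "WriteConfig"),      # 0x401 deferred DLL, impersonates
    ("CA_RegisterService",    3073, "MyDll.dll", "RegSvc"),           # 0xC01 already fixed
    ("CA_SetInstallDir",        51, "INSTALLDIR", "[ProgramFilesFolder]Vendor"),  # 0x33 immediate set-property
    ("CA_UndoConfig",         1281, "MyDll.dll", "UndoConfig"),       # 0x501 deferred rollback, impersonates
]


def actions_needing_fix(table):
    """Deferred actions that still impersonate the user: these fail under UAC
    even after msiexec itself has been elevated."""
    fixes = []
    for name, action_type, *_ in table:
        info = decode(action_type)
        if info["deferred"] and info["impersonates_user"]:
            fixes.append((name, action_type, with_no_impersonate(action_type)))
    return fixes


if __name__ == "__main__":
    for name, old, new in actions_needing_fix(CUSTOM_ACTION_TABLE):
        print(f"{name}: Type {old} (0x{old:X}) -> {new} (0x{new:X})")
```

Apply the bit only to actions that genuinely need machine-wide access: a deferred action that runs as LocalSystem writes per-user data into the wrong profile, and anything it loads or executes from a user-writable location becomes a privilege escalation path.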
Orca Demo
UAC: Self-extracting installer. Symptom: a self-extracting EXE or custom wrapper runs elevated and executes a script, but the script fails. Cause: the UAC prompt occurs for the self-extracting EXE or custom wrapper, but the elevated privileges are not transferred to the script. Fixes: redesign to use an MSI; or run from an elevated command prompt, which creates an elevated script engine.
UAC: Checking for admin rights. Symptoms: many, from minor feature misbehaviour to a crash. Cause: the application uses IsUserAnAdmin, CheckTokenMembership against "BUILTIN\Administrators" and similar APIs, which return false when not elevated. Mitigation: the ForceAdminAccess or ProtectedAdminCheck shim. Fix: the GetTokenInformation API with TokenElevation (elevated or not) and TokenElevationType (default, full or limited).
UAC: User COM Objects. Symptoms: an elevated application cannot instantiate a COM object while a regular application can instantiate the same object. Cause: the COM object is registered per user. HKEY_CLASSES_ROOT is a virtual registry hive; HKCU\Software\Classes takes precedence in Windows XP and for medium and low integrity processes in Windows 7, but HKCU\Software\Classes is NEVER used for high integrity (elevated) processes in Windows 7. This prevents a user from configuring a malicious COM object and tricking an elevated task into executing its code. Mitigation: applications that will require administrator rights should register any COM objects during installation under HKLM\Software\Classes.
UAC: Mapped Network Drives. Symptoms: regular mapped network drives (and SUBST drives) are not visible when running elevated; drives mapped from an elevated prompt are not visible in standard processes (including Explorer). Causes: mappings are attached to the logon session and are only valid in the context of the user token that mapped them, so a split token gives two sets of mappings.
UAC: Mapped Network Drives (cont.). Mitigation: automatic mitigation exists for installers accessing a remote drive; otherwise map each drive in the context of both the regular and the elevated token, or set the registry value HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLinkedConnections = (DWORD) 1. See http://support.microsoft.com/kb/937624
Mapped Network Drives Demo
New Folder Locations. "My Documents" and other user folder locations have changed to provide a better user experience. User data is now stored under the \Users\%username% folder structure: Pictures, Music, Documents, Desktop and Favorites are all new folders directly under it. The "My " prefix was dropped from Documents, Music, etc. "All Users" became "Public" and "\ProgramData".
New Folder Locations (cont.). Differentiation between user data and application data: the user does not directly interact with app data. Identify specific locations using SHGetFolderPath or SHGetKnownFolderPath (System.Environment namespace in managed code). Shared user data (Documents): C:\Users\Public\Documents; CSIDL_COMMON_DOCUMENTS; FOLDERID_PublicDocuments.
New Folder Locations (cont.). Per-user data (Documents): C:\Users\%username%\Documents; CSIDL_MYDOCUMENTS; FOLDERID_Documents; SpecialFolder.MyDocuments.
New Folder Locations (cont.). Shared application data: C:\ProgramData\MyAppName; %AllUsersProfile%\MyAppName; CSIDL_COMMON_APPDATA; FOLDERID_ProgramData; SpecialFolder.CommonApplicationData. Set permissions (ACL) on folders in the shared application data area during install; by default standard users can create files there but cannot modify files created by other users.
New Folder Locations (cont.). Per-user application data (local): C:\Users\%username%\AppData\Local; %LOCALAPPDATA%; CSIDL_LOCAL_APPDATA; FOLDERID_LocalAppData; SpecialFolder.LocalApplicationData.
New Folder Locations (cont.). Per-user application data (roaming): C:\Users\%username%\AppData\Roaming; %APPDATA%; CSIDL_APPDATA; FOLDERID_RoamingAppData; SpecialFolder.ApplicationData.
New Folder Locations (cont.). Localization changes: localized folder names used to be the actual name (e.g. "C:\Programme") and no English name was provided. In Windows 7 all folders have English names (e.g. "C:\Program Files") and a junction point with the localized name (e.g. "C:\Programme") is provided. Explorer displays the localized name for the actual directory.
New Folder Locations: Mitigation. Directory junctions provide backward compatibility for hard-coded paths: "Documents and Settings" -> "Users"; "My Documents" -> "Documents"; "Programme" -> "Program Files".
New Folder Locations: Fixes. Never hard-code absolute paths; AppVerifier includes a test for this. Scripts: environment variables. Unmanaged code (C++/C): the SHGetFolderPath function (CSIDL_...) or SHGetKnownFolderPath (FOLDERID_..., Vista and later). Managed code (C#, VB.NET): System.Environment.GetFolderPath with the enum System.Environment.SpecialFolder; Microsoft.VisualBasic.FileIO.SpecialDirectories; My.Computer.FileSystem.SpecialDirectories.
Q & A
Why: Windows Resource Protection. Core operating system files and registry keys can be overwritten with older versions or malicious code, causing serious stability and security issues. Windows Resource Protection (WRP) is designed to protect those objects from being overwritten; it increases system stability, predictability and reliability and replaces Windows File Protection from Windows XP.
How: Windows Resource Protection. Updates to protected resources are restricted to OS trusted installers (Windows Update) by the ACL on the resources. Affects specific files, folders and registry keys: the majority of core OS modules (EXE and DLL), the majority of core OS HKCR registry keys, and folders used exclusively by OS resources.
WRP Demo
Mandatory Integrity Control. Windows 7 implements Mandatory Integrity Control (MIC). Processes run at one of four integrity levels: system processes run at System IL; applications that require administrative privileges run at High IL; standard applications run at Medium IL; restricted apps run at Low IL. Securable objects (files, processes, window stations, message queues) define the minimum IL a process needs to access them. Default IL for unlabelled objects: Medium.
User Interface Privilege Isolation. UIPI uses MIC's integrity levels to restrict the sending of window messages: applications cannot send messages to applications running at a higher integrity level, although the higher-IL application can allow access. SendMessage reports success even when the message is blocked, to mitigate failures. Where the compatibility impact is high, lower-IL applications can be manifested to opt out of UIPI (uiAccess); this requires the application to be manifested, signed (authenticated) and installed under "Program Files".
MIC and UIPI (diagram). Processes at High, Medium and Low IL interact with objects labelled High, Medium and Low: a process can read and write objects at its own level or below; writes to a higher-level object are blocked (No-Write-Up), while reads of higher-level files and keys are allowed by default; window messages (Send) only reach processes at the same or a lower IL.
Integrity Levels. Security IDs (SIDs) for integrity levels, where the RID defines the integrity level: Low: S-1-16-4096 (0x1000); Medium: S-1-16-8192 (0x2000); High: S-1-16-12288 (0x3000); System: S-1-16-16384 (0x4000).
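Added example, not from the deck: a Python model of the integrity SIDs and of the MIC and UIPI rules the last three slides describe, used to predict what a Low IL process such as Protected Mode IE can touch. The Untrusted level (S-1-16-0), the NoReadUp policy that Windows places on process objects and the ChangeWindowMessageFilter opt-in are documented facts added here; the scenario function is constructed. This models only the integrity check; Windows still evaluates the DACL afterwards.

```python
"""Integrity-level SIDs and the MIC / UIPI access rules from the deck.

Added example; not Windows code. Integrity check only (the DACL is a
separate step that Windows evaluates after the label check passes).
"""
import re

LOW, MEDIUM, HIGH, SYSTEM = 0x1000, 0x2000, 0x3000, 0x4000
IL_NAMES = {0x0000: "Untrusted", LOW: "Low", MEDIUM: "Medium", HIGH: "High", SYSTEM: "System"}
INTEGRITY_SID = re.compile(r"^S-1-16-(\d+)$")

# Mandatory policy flags carried in an object's label (SACL).
NO_WRITE_UP, NO_READ_UP, NO_EXECUTE_UP = "NoWriteUp", "NoReadUp", "NoExecuteUp"
DEFAULT_OBJECT_POLICY = frozenset({NO_WRITE_UP})            # files and keys: the deck's default
PROCESS_POLICY = frozenset({NO_WRITE_UP, NO_READ_UP})      # process objects also block read-up


def parse_integrity_sid(sid):
    """Return (level_name, rid) for S-1-16-<rid>; the RID is the level."""
    m = INTEGRITY_SID.match(sid)
    if not m:
        raise ValueError(f"not an integrity SID: {sid}")
    rid = int(m.group(1))
    # Windows compares RIDs numerically, so an unusual RID still orders correctly.
    return IL_NAMES.get(rid, f"custom(0x{rid:04x})"), rid


def integrity_sid(rid):
    """Inverse of parse_integrity_sid, e.g. 0x3000 -> 'S-1-16-12288'."""
    return f"S-1-16-{rid}"


def mic_allows(subject_il, object_il, access, policy=DEFAULT_OBJECT_POLICY):
    """Mandatory label check: equal-or-lower objects are always reachable,
    higher ones only for access kinds the object's policy does not block."""
    if object_il is None:
        object_il = MEDIUM          # unlabelled objects count as Medium
    if subject_il >= object_il:
        return True
    blocked = {"read": NO_READ_UP, "write": NO_WRITE_UP, "execute": NO_EXECUTE_UP}[access]
    return blocked not in policy


def uipi_allows_send(sender_il, target_il, target_allows=False):
    """Window messages only flow to equal or lower IL unless the target
    opted in (ChangeWindowMessageFilter) or runs with uiAccess."""
    return sender_il >= target_il or target_allows


def iepm_scenarios():
    """What Protected Mode IE (Low IL) can and cannot do; constructed checks."""
    return {
        "write Documents (Medium)": mic_allows(LOW, MEDIUM, "write"),
        "read Documents (Medium)": mic_allows(LOW, MEDIUM, "read"),
        "write AppData\\LocalLow (Low)": mic_allows(LOW, LOW, "write"),
        "write unlabelled file": mic_allows(LOW, None, "write"),
        "open Medium process for read": mic_allows(LOW, MEDIUM, "read", PROCESS_POLICY),
        "SendMessage to Medium window": uipi_allows_send(LOW, MEDIUM),
        "elevated app writes Medium file": mic_allows(HIGH, MEDIUM, "write"),
    }


if __name__ == "__main__":
    for label, ok in iepm_scenarios().items():
        print(f"{label}: {'allowed' if ok else 'denied'}")
```

The read-up result is the one to remember: a Low IL process can still read a medium-labelled file or key, so confidential data does not get protection from MIC alone, only the DACL protects it; MIC is about preventing writes and message injection upward.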
Why: IE Protected Mode (diagram). Without Protected Mode, iexplore.exe runs with the user's full rights. Install an ActiveX control: admin-rights access to HKLM and Program Files, so an exploit can install malware. Change settings, download a picture: user-rights access to HKCU, My Documents and the Startup folder, so an exploit can install malware. Cache web content: Temporary Internet Files holds untrusted files and settings.
How: IE Protected Mode. In Windows 7, Internet Explorer 8 runs in Protected Mode (IEPM) for non-trusted sites (the installation default). IE runs separate process instances for the different protection modes, which keeps a memory-corruption exploit in one process from affecting higher-trust sites. IEPM's underlying mechanisms are Mandatory Integrity Control (MIC) and User Interface Privilege Isolation (UIPI).
How: IE Protected Mode (cont.). Integrity levels (IL) for IE: IEPM runs at Low IL; unprotected IE runs at Medium IL. Low-integrity processes (such as IEPM) can only write to folders, files and registry keys that are also marked low-integrity: the Temporary Internet Files folder; %TEMP%\Low; the History folder; the Cookies folder; the Favorites folder; the Windows temporary file folders; %userprofile%\AppData\LocalLow.
IEPM: Compatibility Impact. Attempts by ActiveX controls to modify medium and higher IL objects fail, e.g. writing to the user's Documents folder; ActiveX controls fail to install. Automatic mitigations exist for some cases.
IEPM: Automatic Mitigation (diagram). iexplore.exe in Protected Mode is confined by integrity control and UIPI, and a compatibility layer redirects settings and files. Broker processes handle the operations that need more rights: IEInstall.exe (admin rights: HKLM, HKCR, Program Files) installs ActiveX controls; IEUser.exe (user rights: HKCU, My Documents, Startup folder) handles changing settings and drag and drop; cached web content still goes to Temporary Internet Files (untrusted files and settings).
IEPM: Manual Mitigation. Redesign the site to function properly in Protected Mode. Add the site to Trusted Sites (Protected Mode is not enabled for trusted sites). Use the ActiveX Installer Service (AXIS) for enterprise deployments.
AXIS: How it works. IE parses a page that requires an ActiveX control. If the user is a Standard User, AXIS is called. AXIS performs a lookup in the Allowed Installation Sites list deployed via Group Policy. If the host URL is within policy, the control is downloaded by the service. If the control meets the signing criteria, it is installed under the LocalSystem account.
AXIS: Enabling the Service. AXIS is an optional component that must be enabled: deploy through SMS; or run cmd.exe as Administrator and then ocsetup.exe AxInstallService; or Control Panel, Programs, Turn Windows Features On or Off.
AXIS: Configuring the Policy. Run gpedit.msc and navigate to Computer Settings, Administrative Templates, Windows Components, ActiveX Installer Service. Enter the host URL and policy for each trusted site; the protocol must be specified, http or https (preferred), for example http://download.microsoft.com. Best policy: 2, 1, 0, 0 (the four comma-separated values govern controls from trusted publishers, signed controls, unsigned controls, and how HTTPS certificate errors are handled).
Q & A
Windows and IE Versions. The internal version number for Windows 7 is 6.1, which is what GetVersion() returns. The version number for Internet Explorer is 8.0; it is included in the User-Agent string, which is sent in the HTTP request header.
Windows Version Mitigation. Compatibility mode is provided in Windows 7: users can right-click the shortcut or the EXE and apply the Windows XP SP2 compatibility mode from the Compatibility tab. This applies multiple shims including "WinXPSP2VersionLie"; PCA automates the step for installers. Better: apply only the shim "WinXPSP2VersionLie". In many cases applications will then work the same way they did in Windows XP and need no changes.
Windows Version Mitigation (cont.). "Reinstall using recommended settings" applies the Windows XP compatibility mode and restarts the program. The fix is effective for all users (stored in HKLM).
Windows Version Remediation. Applications should not perform version checks for equality, e.g. == 5.1. If you need a specific feature, check whether the feature is installed or available. If you need Windows XP, check for Windows XP or later (>= 5.1). The exception is a very specific business or legal need for a version check, such as a regulatory body requiring you to certify your application for each operating system and version.
Windows Version Numbers Demo
IE8 Version Symptoms. Web sites may render incorrectly because of CSS and JavaScript compliance changes (IE8 renders in IE8 Standards Mode for Internet sites). Web sites that check the User-Agent string for the IE version get a higher version number than they expect, and might refuse to load or reduce functionality.
IE8 Version Mitigations. IE7 Compatibility Mode is the default setting for intranet sites. It can be controlled from the server for a single web page or for a directory, application or site: add <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /> to the page, or send it as a response header. See http://support.microsoft.com/kb/968499 for the different options.
IE7 Compatibility Mode in a web page:
<html>
  <head>
    <title>My Web Page</title>
    <!-- Use IE7 mode -->
    <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7"/>
  </head>
  <body>
    <p>Content goes here.</p>
  </body>
</html>
IE7 Compatibility Mode in web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
  <system.webServer>
    <httpProtocol>
      <customHeaders>
        <clear />
        <add name="X-UA-Compatible" value="IE=EmulateIE7"/>
      </customHeaders>
    </httpProtocol>
  </system.webServer>
</configuration>
IE8 Standards Mode in a web page:
<html>
  <head>
    <title>IE8 Standards Mode Web Page</title>
    <!-- Use IE8 Standards Mode -->
    <meta http-equiv="X-UA-Compatible" content="IE=IE8"/>
  </head>
  <body>
    <h1>Hi from IE8 Standards Mode</h1>
  </body>
</html>
Expression SuperPreview. A stand-alone visual debugging tool that shows web pages rendered in IE 6 and in either IE 7 or IE 8, depending on which version is installed on your machine. View pages side by side or as an onion-skin overlay and use rulers, guides and zoom/pan tools to precisely identify differences in layout.
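Added example, not from the deck: a Python script that runs the three styles of version check from the Windows version slides (equality against 5.1, a major-then-minor comparison, and the correct "5.1 or later" tuple comparison) over the Windows NT version parsed from IE User-Agent strings, so both the native-app and the web-site form of the mistake are visible at once. The User-Agent strings are constructed; the Trident/4.0 to IE8 pairing, which lets a site see IE8 behind the MSIE 7.0 that compatibility view reports, is the documented value.

```python
"""Version checks against GetVersion-style numbers and IE User-Agent strings.

Added example for this deck, not Microsoft code. The User-Agent strings are
constructed; Trident/4.0 is the documented IE8 engine token.
"""
import re

WINDOWS_VERSIONS = {"Windows XP": (5, 1), "Windows Server 2003": (5, 2),
                    "Windows Vista": (6, 0), "Windows 7": (6, 1)}

MSIE_RE = re.compile(r"MSIE (\d+)\.(\d+)")
NT_RE = re.compile(r"Windows NT (\d+)\.(\d+)")
TRIDENT_RE = re.compile(r"Trident/(\d+)\.(\d+)")
TRIDENT_TO_IE = {(4, 0): (8, 0)}   # IE8's engine; compat view reports MSIE 7.0 but keeps Trident/4.0

CONSTRUCTED_UAS = {
    "IE8 on Windows 7": "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)",
    "IE8 compat view": "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0)",
    "IE7 on Vista": "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)",
    "IE6 on XP": "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)",
}


def parse_version(text):
    """'6.1.7600' -> (6, 1); only major.minor matter for these checks."""
    major, minor, *_ = (int(p) for p in text.split("."))
    return (major, minor)


def parse_user_agent(ua):
    """Claimed IE version, the engine's real IE version, and the Windows version."""
    msie, nt, trident = MSIE_RE.search(ua), NT_RE.search(ua), TRIDENT_RE.search(ua)
    claimed = (int(msie.group(1)), int(msie.group(2))) if msie else None
    engine = claimed
    if trident:
        engine = TRIDENT_TO_IE.get((int(trident.group(1)), int(trident.group(2))), claimed)
    windows = (int(nt.group(1)), int(nt.group(2))) if nt else None
    return {"ie": claimed, "engine_ie": engine, "windows": windows}


def equality_check(version, expected):
    """The anti-pattern from the slide: == 5.1 fails on every later release."""
    return version == expected


def minor_only_check(version, minimum):
    """Another common slip: comparing major and minor separately rejects Vista (6.0)."""
    return version[0] >= minimum[0] and version[1] >= minimum[1]


def at_least(version, minimum):
    """Correct: 'Windows XP or later' means the (major, minor) tuple is >= (5, 1)."""
    return tuple(version) >= tuple(minimum)


def check_matrix(minimum=(5, 1)):
    """Run all three checks per constructed UA: {label: (equality, minor_only, at_least)}."""
    out = {}
    for label, ua in CONSTRUCTED_UAS.items():
        win = parse_user_agent(ua)["windows"]
        out[label] = (equality_check(win, minimum),
                      minor_only_check(win, minimum),
                      at_least(win, minimum))
    return out


if __name__ == "__main__":
    for label, result in check_matrix().items():
        print(f"{label:18} equality={result[0]!s:5} minor_only={result[1]!s:5} at_least={result[2]}")
```

The matrix shows why the WinXPSP2VersionLie shim works (it makes GetVersion report 5.1 again so the equality check passes) and why it is only a workaround: the at_least check needs no shim on any release.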
Expression SuperPreview Demo
Sessions in Windows XP / Server 2003 (diagram). Session 0 holds a single window station and desktop shared by services, the first logged-on user's windows, the screen saver and the logon screen.
Sessions in Windows 7 (diagram). Session 0 contains only services, with its own window station and desktop and no interactive user. Session 1 holds the first user's window station and desktops: the user's windows, the screen saver and the secure logon desktop.
Session 0: Compatibility Impact. A service and a user application that use window message functions (e.g. SendMessage, PostMessage) to communicate will fail silently. A service and a user application that use local (session-scoped) named objects to communicate will fail silently. A service that uses a UI to interact with the user will display that UI on a special desktop which the user cannot normally reach. Applications that already work with Fast User Switching will probably continue to work.
Session 0 Isolation Demo
Less Common Issues: painting behaviour; deprecated components; managed code for .NET 1.x; 64-bit; Vista.
Painting behaviour. Why: to improve the user experience. How: all top-level windows are rendered to an off-screen bitmap, and the Desktop Window Manager combines the images to draw the desktop. Impact: some applications will render incorrectly. Mitigation: disable desktop composition, either by applying the shim "DisableDWM" or via Properties, Compatibility tab, Disable desktop composition. Fix: redesign the application so that it does not assume it is rendering directly to the screen.
Disabling Desktop Composition Demo
Deprecated components. Windows Help (WinHlp32.exe): available as a download; CHM is now the preferred option. Graphical Identification and Network Authentication (GINA) modules. Removal of Windows Mail: disables CoStartOutlookExpress; file associations (.eml, .nws, .contact, .group, .wab, .p7c, .vfc) are broken or disabled; install Windows Live Mail.
Deprecated components (cont.). Removal of Windows Movie Maker: install Windows Live Movie Maker. Microsoft Agent technologies. Removal of Windows Registry Reflection. PCA instruments the CoCreateInstance API and the loader (NTDLL) to detect load failures on deprecated COM objects and DLLs respectively, and uses Windows Error Reporting (WER) to retrieve a Knowledge Base article or a link to download the deprecated component.
Managed code for .NET 1.x. Symptom: managed code written for .NET 1.x fails (error message or crash). Cause: the application depends on a .NET 1.x feature AND does not specify <supportedRuntime> or <requiredRuntime> in its configuration file. Note: .NET 1.0 did not support <supportedRuntime>. Fix: add <supportedRuntime version="v1.1.4322"/> inside the <configuration><startup> element of <appname>.exe.config.
Windows 7 Logo Program Benefits Compatibility message to your customers Joint marketing Partner Points Requirements ISVs must sign up to receive their crash data from WER Use AppVerifier as part of development lifecycle Install to correct folder locations Sign binary executables Include a manifest and run as a standard user Support Restart Manager 64 bit support Etc...
Windows 7 Logo Program Roadmap Follow these steps to verify that your application complies with the Windows 7 Client Software Logo technical requirements:  Download and install the Windows 7 Client Software Logo Toolkit  Run the Toolkit to validate your application  Ensure the application adheres to all policies  Accept and sign all legal agreements  Opt in to receive communications from Microsoft about your product(s)  Mail a licensed copy of your software to Microsoft  Upon successful completion of validation testing submit the results to Microsoft
Tools, documentation, and help Application Verifierhttp://go.microsoft.com/fwlink/?linkid=11573 Standard User Analyzer	 	http://www.microsoft.com/downloads/details.aspx?FamilyId=24DA89E9-B581-47B0-B45E-492DD6DA2971&displaylang=en  Windows 7 Application Quality Cookbookhttp://code.msdn.microsoft.com/Release/ProjectReleases.aspx?ProjectName=Windows7AppQuality&ReleaseId=1734 Windows 7 Training Kit for Developershttp://www.microsoft.com/downloads/details.aspx?FamilyID=1C333F06-FADB-4D93-9C80-402621C600E7&displaylang=en Application Compatibility Forumhttp://social.msdn.microsoft.com/Forums/en-US/windowscompatibility/threads/
Call to action Get ready for Windows 7 deployments Test your applications on Windows 7 Make use of resources that are available now Joint marketing Free technical support Free App Compat Labs Latest tools Active discussion forums Tell Microsoft and your customers Update Greenlight Web Site Consider Window 7 Logo certification
Resources Windows Application Compatibilityhttp://msdn.microsoft.com/en-us/windows/aa904987.aspx Developer for Windows 7 on MSDN 	http://msdn.microsoft.com/en-us/windows/dd433113.aspx IE8 Readiness Toolkithttp://www.microsoft.com/windows/internet-explorer/readiness/developers-new.aspx Windows API Code Packhttp://code.msdn.microsoft.com/WindowsAPICodePack Greenlight Web Sitehttp://www.isvappcompat.com/uk  UK DPE Briefings and Labshttp://blogs.msdn.com/ukisvdev/archive/2009/06/09/windows-7-application-compatibility-briefings-and-drop-in-clinic.aspx
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation.  Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.  MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
Understanding the Laravel MVC Architecture
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 

En vedette

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 

En vedette (20)

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity -  Best PracticesTime Management & Productivity -  Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 

Windows 7 Application Compatibility

  • 1. Windows 7 Application Compatibility Dave Allen ISV Application Architect Microsoft UK Dave.Allen@microsoft.com
  • 2. Agenda Why your application might not work User Account Control New Folder Locations Windows Resource Protection Mandatory Integrity Control User Interface Privilege Isolation Internet Explorer Protected Mode OS and IE Versioning Session 0 Isolation Some less common issues
  • 3. Some of the cool stuff in Windows 7 Demo
  • 4. Why: User Account Control OS is at risk from today’s malware when user is running as Administrator Ease with which malware can self-install Privilege elevation through security holes in software Extent of damage caused by malware is potentially greater Other issues Accidental damage caused by user
  • 5. How: User Account Control With Windows 7 all users run as Standard User by default, including members of Admin group Only true for interactive logins; services continue to run as before in Windows XP
  • 6. How: User Account Control (cont.) Two tokens are created at logon (split token) Standard User Token Administrator SID set as Deny Only (can still be used to deny access, but not to grant) Runs with medium integrity level (IL) Most privileges removed (e.g. SeDebugPrivilege) Administrator Token Administrator SID has all rights assigned Runs with high integrity level (IL) All privileges are present
  • 7. How: User Account Control (cont.) Standard User Token is used until explicit consent is given, then Administrator Token is used (Consent UI) for that particular process Supporting feature: Unnecessary Administrator checks (in XP) have been removed Example: Change time zone
  • 8. UAC: Elevation Details [Diagram: explorer.exe, running as Standard User or Protected Administrator, calls ShellExecute(elevatedapp.exe); the AppInfo Service (System) asks the user through consent.exe over RPC and then launches elevatedapp.exe with CreateProcessAsUser as Full Administrator; the elevated process is re-parented]
  • 11. UAC: Running Apps Elevated Right click program  Run as administrator Compatibility fix (shim) or mode Program properties  Compatibility tab  Run as administrator RunAsAdmin shim in system shim database Installer detection Heuristics such as string containing “Setup”, “Install”, or “Update” in: Executable name Resource strings MSIs are always detected as installers
  • 12. UAC: Running Apps Elevated (cont.) Application designed for Windows 7 UAC manifest with <requestedExecutionLevel> All applications should have one Removes application compatibility overhead (some Shims, PCA, virtualization) at run time Internal manifest (compiled into the application) Build manifest into application binary Takes precedence External manifest (added as a separate file) MyApp.exe.manifest Unsupported, avoid!
  • 13. UAC: Internal Manifest (cont.) requireAdministrator The application runs only for administrators and requires that the application be launched with the full token of an administrator asInvoker The application runs with the same token as the parent process highestAvailable The application runs with the highest privileges the current user can obtain
  • 14. UAC: Internal Manifest (cont.) Extract the application manifest from the executable if it exists: mt -inputresource:elevatedapp.exe;#1 -out:extracted.manifest Modify the manifest to add the UAC request <?xml version="1.0" encoding="utf-8"?> <asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <assemblyIdentity version="1.0.0.0" name="MyApplication.exe"/> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> <security> <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3"> <requestedExecutionLevel level="asInvoker" uiAccess="false" /> </requestedPrivileges> </security> </trustInfo> </asmv1:assembly> Insert the modified manifest back into the executable: mt -manifest elevatedapp.exe.manifest -outputresource:elevatedapp.exe;#1
  • 15. Side topic: Compatibility manifest Modify the manifest to add the OS target <?xml version="1.0" encoding="utf-8"?> <asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <assemblyIdentity version="1.0.0.0" name="MyApplication.exe"/> <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"> <application> <!-- The ID below indicates application support for Windows 7 --> <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/> </application> </compatibility> </asmv1:assembly>
  • 16. Combined Manifest Combined UAC and compatibility manifest (<compatibility> is a sibling of <trustInfo> under <assembly>, not a child of it) <?xml version="1.0" encoding="utf-8"?> <asmv1:assembly manifestVersion="1.0" xmlns="urn:schemas-microsoft-com:asm.v1" xmlns:asmv1="urn:schemas-microsoft-com:asm.v1" xmlns:asmv2="urn:schemas-microsoft-com:asm.v2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <assemblyIdentity version="1.0.0.0" name="MyApplication.exe"/> <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2"> <security> <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3"> <requestedExecutionLevel level="asInvoker" uiAccess="false" /> </requestedPrivileges> </security> </trustInfo> <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"> <application> <!-- The ID below indicates application support for Windows 7 --> <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/> </application> </compatibility> </asmv1:assembly>
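The two manifests above share one structure, and the combined form is easy to get wrong (placing <compatibility> inside <trustInfo>). As an added example, not part of the original deck, the Python below generates a combined manifest with the two elements as siblings under <assembly> and parses an arbitrary manifest to report the requested execution level, the supportedOS ids and that nesting mistake. The namespace URIs and the Windows 7 supportedOS GUID are taken from the slides; the BAD_MANIFEST string is a constructed negative sample.

```python
"""Build and sanity-check a Windows application manifest that carries both a
UAC requestedExecutionLevel and a Windows 7 supportedOS entry.
Added example for this transcript; not code from the original deck."""
import xml.etree.ElementTree as ET

ASM_V1 = "urn:schemas-microsoft-com:asm.v1"
ASM_V2 = "urn:schemas-microsoft-com:asm.v2"
ASM_V3 = "urn:schemas-microsoft-com:asm.v3"
COMPAT_V1 = "urn:schemas-microsoft-com:compatibility.v1"
WIN7_ID = "{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"  # supportedOS Id for Windows 7 (from the slide)
VALID_LEVELS = ("asInvoker", "highestAvailable", "requireAdministrator")

# Register prefixes so the serialized XML looks like the hand-written manifests.
for prefix, uri in (("", ASM_V1), ("asmv2", ASM_V2), ("asmv3", ASM_V3), ("compat", COMPAT_V1)):
    ET.register_namespace(prefix, uri)


def build_manifest(exe_name, level="asInvoker", ui_access=False, supported_os=(WIN7_ID,)):
    """Return manifest XML with <trustInfo> and <compatibility> as siblings under <assembly>."""
    if level not in VALID_LEVELS:
        raise ValueError(f"unknown requestedExecutionLevel: {level!r}")
    root = ET.Element(f"{{{ASM_V1}}}assembly", manifestVersion="1.0")
    ET.SubElement(root, f"{{{ASM_V1}}}assemblyIdentity", version="1.0.0.0", name=exe_name)
    trust = ET.SubElement(root, f"{{{ASM_V2}}}trustInfo")
    security = ET.SubElement(trust, f"{{{ASM_V2}}}security")
    privileges = ET.SubElement(security, f"{{{ASM_V3}}}requestedPrivileges")
    ET.SubElement(privileges, f"{{{ASM_V3}}}requestedExecutionLevel",
                  level=level, uiAccess="true" if ui_access else "false")
    compat = ET.SubElement(root, f"{{{COMPAT_V1}}}compatibility")
    app = ET.SubElement(compat, f"{{{COMPAT_V1}}}application")
    for os_id in supported_os:
        ET.SubElement(app, f"{{{COMPAT_V1}}}supportedOS", Id=os_id)
    return '<?xml version="1.0" encoding="utf-8"?>\n' + ET.tostring(root, encoding="unicode")


def _local(tag):
    """Strip the {namespace} part of an ElementTree tag."""
    return tag.rsplit("}", 1)[-1]


def check_manifest(xml_text):
    """Parse a manifest and report the UAC level, supportedOS ids and structural problems."""
    root = ET.fromstring(xml_text)
    report = {"level": None, "ui_access": None, "supported_os": [], "errors": []}
    if _local(root.tag) != "assembly":
        report["errors"].append("root element is not <assembly>")
    levels = [e for e in root.iter() if _local(e.tag) == "requestedExecutionLevel"]
    if not levels:
        report["errors"].append("no <requestedExecutionLevel>: the loader falls back to "
                                "installer heuristics, virtualization and PCA")
    else:
        level = levels[0]
        report["level"] = level.get("level")
        report["ui_access"] = level.get("uiAccess", "false").lower() == "true"
        if report["level"] not in VALID_LEVELS:
            report["errors"].append(f"invalid level {report['level']!r}")
    report["supported_os"] = [e.get("Id") for e in root.iter() if _local(e.tag) == "supportedOS"]
    for elem in root.iter():
        if _local(elem.tag) == "trustInfo" and any(_local(c.tag) == "compatibility" for c in elem.iter()):
            report["errors"].append("<compatibility> is nested inside <trustInfo>; "
                                    "it must be a direct child of <assembly>")
    return report


# Constructed negative sample: <compatibility> wrongly placed inside <trustInfo>.
BAD_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
  <assemblyIdentity version="1.0.0.0" name="MyApplication.exe"/>
  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
    <security>
      <requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
      </requestedPrivileges>
    </security>
    <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
      <application><supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/></application>
    </compatibility>
  </trustInfo>
</assembly>
"""

if __name__ == "__main__":
    manifest = build_manifest("MyApplication.exe")
    print(manifest)
    print(check_manifest(manifest))
    print(check_manifest(BAD_MANIFEST)["errors"])
```

Feed the generated text to mt.exe exactly as on slide 14 (write it to elevatedapp.exe.manifest, then -outputresource:elevatedapp.exe;#1).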
  • 17. UAC: UI Design for Elevation Send the BCM_SETSHIELD message to a button control, using SendMessage Button.FlatStyle has to be set to System Fails for owner-drawn buttons: get the icon and render it in the owner-draw handler: HICON shieldIcon = LoadIcon(NULL, IDI_SHIELD); Unmanaged code (C++): the SendMessage call can be invoked more easily using the Button_SetElevationRequiredState macro Managed code (C#, VB.NET): use SystemIcons.Shield
  • 18. Elevation, Manifests, and UI Design Demo
  • 19. Why: Program Compatibility Assistant Program Compatibility Assistant (PCA) automates mitigation of some UAC (and more) compatibility issues Attempts to detect if a program is an installer Client-only feature – not in Server PCA monitors attempts to: Create a sub folder in “Program Files” Copy exe or dll files into the new folder Overwrite system files Not writing to the “Program Database” Etc…
  • 20. How: Program Compatibility Assistant If PCA detects a compatibility issue it… Notifies the user AND Applies a solution (high confidence) OR Offers to apply a solution (medium confidence)
  • 21. UAC: Virtualization Redirects privileged file access (under C:\Program Files and C:\Windows) to C:\Users\%username%\AppData\Local\VirtualStore Redirects registry access from HKLM to HKCU\Software\Classes\VirtualStore\MACHINE Adding a manifest disables virtualization and the Program Compatibility Assistant (PCA)
  • 22. UAC: Virtualization (cont.) Redirection is “sticky” – reads are re-directed Deleting all virtual copies removes the “stickiness” Elevated process not affected Side effects: multiple virtualized copies (one per user and one for admin)
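To see where a virtualized write ends up, the following added example (not from the deck) maps a denied file or registry write to its VirtualStore location and returns None when virtualization does not apply, that is for manifested, 64-bit or elevated processes. The profile path C:\Users\alice\AppData\Local is a constructed value; the Program Files (x86) and ProgramData roots and the exempt HKLM\SOFTWARE subtrees follow Microsoft's UAC documentation rather than the slide.

```python
"""Where a UAC-virtualized write actually lands. Added example for this
transcript (not from the deck); the profile path is a constructed value."""
import ntpath

# Constructed profile; on a real machine read %LOCALAPPDATA% instead.
LOCAL_APPDATA = r"C:\Users\alice\AppData\Local"
VIRTUAL_STORE = LOCAL_APPDATA + r"\VirtualStore"
REG_VIRTUAL_STORE = r"HKCU\Software\Classes\VirtualStore\MACHINE"

# File roots subject to virtualization: the slide names Program Files and Windows;
# Program Files (x86) and ProgramData are added per Microsoft's UAC documentation.
VIRTUALIZED_ROOTS = (r"C:\Program Files", r"C:\Program Files (x86)", r"C:\Windows", r"C:\ProgramData")
# Subtrees of HKLM\SOFTWARE that Microsoft documents as exempt from registry virtualization.
REG_EXEMPT = ("classes", "microsoft\\windows", "microsoft\\windows nt", "policies")


def process_is_virtualized(has_manifest=False, is_64bit=False, elevated=False):
    """Virtualization applies only to 32-bit, unmanifested, non-elevated interactive processes."""
    return not (has_manifest or is_64bit or elevated)


def _under(path_lower, root_lower):
    """True if path_lower equals root_lower or lies inside it (segment-aware prefix test)."""
    return path_lower == root_lower or path_lower.startswith(root_lower + "\\")


def virtualized_file_path(path, **proc):
    """Return the VirtualStore path a denied write to `path` is redirected to, or None."""
    if not process_is_virtualized(**proc):
        return None
    norm = ntpath.normpath(path)          # collapses ..\ and mixed separators
    low = norm.lower()
    for root in VIRTUALIZED_ROOTS:
        if _under(low, root.lower()):
            # The drive prefix is dropped and the rest of the path mirrored under VirtualStore.
            return VIRTUAL_STORE + norm[2:]
    return None


def virtualized_registry_key(key, **proc):
    """Return the HKCU VirtualStore key an HKLM\\SOFTWARE write is redirected to, or None."""
    if not process_is_virtualized(**proc):
        return None
    parts = key.split("\\")
    if len(parts) < 2 or parts[0].upper() not in ("HKLM", "HKEY_LOCAL_MACHINE"):
        return None
    if parts[1].upper() != "SOFTWARE":
        return None
    rest = "\\".join(parts[2:])
    if any(_under(rest.lower(), exempt) for exempt in REG_EXEMPT):
        return None
    return REG_VIRTUAL_STORE + "\\SOFTWARE" + ("\\" + rest if rest else "")


if __name__ == "__main__":
    for target in (r"C:\Program Files\MyApp\settings.ini", r"C:\Users\alice\Documents\notes.txt"):
        print(target, "->", virtualized_file_path(target))
    for key in (r"HKLM\SOFTWARE\MyVendor\MyApp", r"HKLM\SOFTWARE\Classes\CLSID"):
        print(key, "->", virtualized_registry_key(key))
```

When an application "forgets" its settings (slide 24), check both the intended location and the mapped VirtualStore location for each user: a standard-user run and an elevated run of the same program will not see the same copy.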
  • 24. UAC: Symptoms Explicit access right error message Event Log contains security or application messages indicating security problems Application crashes, fails to install, or fails to update for automatic updater Application fails to remember saved settings Symptoms vary widely and are difficult to diagnose
  • 25. UAC: Investigation Determine whether the application was designed to run as administrator Run as administrator: does it work? Run as standard user: check the redirection locations C:\Users\%username%\AppData\Local\VirtualStore HKCU\Software\Classes\VirtualStore\MACHINE Event Log logs relevant UAC events Process Monitor (Procmon) for failed access http://technet.microsoft.com/en-gb/sysinternals/bb896645.aspx
  • 27. UAC: MSIs Symptom MSI with a custom action fails with a UAC error despite elevation Cause MSI contains a custom action that impersonates the user (the default) Example: ActionType = 1025 = msidbCustomActionTypeInScript (0x400, deferred) + msidbCustomActionTypeDll (0x1) = 0x401; msidbCustomActionNoImpersonate (0x800) is not set
  • 28. UAC: MSIs (cont.) Fixes Redesign the custom action so that it does not impersonate the user: set the bit msidbCustomActionNoImpersonate (0x800) Example: ActionType 1025 (0x401) becomes 3073 (0xC01) Edit the MSI with Orca.exe to change the relevant ActionType fields Alternatively, run the MSI from an elevated command prompt
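The custom action Type column is a bit field, so the 1025 to 3073 change above can be audited mechanically across a whole CustomAction table. This added example (not from the deck) decodes a Type value, flags deferred (InScript) custom actions that still impersonate the user, and applies the NoImpersonate fix; the SAMPLE_TABLE rows are constructed, and the constant names follow the Windows Installer SDK.

```python
"""Decode MSI CustomAction.Type values and flag deferred custom actions that
still impersonate the invoking user. Added example for this transcript (not
from the deck); SAMPLE_TABLE is constructed."""

# Low three bits: kind of action. Bits 0x30: where the code or text comes from.
BASE_MASK = 0x07
BASE_TYPES = {0x1: "Dll", 0x2: "Exe", 0x3: "TextData", 0x5: "JScript", 0x6: "VBScript", 0x7: "Install"}
SOURCE_MASK = 0x30
SOURCE_TYPES = {0x00: "BinaryData", 0x10: "SourceFile", 0x20: "Directory", 0x30: "Property"}

msidbCustomActionTypeAsync = 0x080
msidbCustomActionTypeInScript = 0x400      # deferred: executed from the elevated install script
msidbCustomActionTypeRollback = 0x100      # 0x100/0x200 mean rollback/commit only when InScript is set
msidbCustomActionTypeCommit = 0x200
msidbCustomActionTypeNoImpersonate = 0x800  # run as LocalSystem instead of the invoking user's token


def decode_action_type(action_type):
    """Return the named pieces of a CustomAction.Type value."""
    base = action_type & BASE_MASK
    deferred = bool(action_type & msidbCustomActionTypeInScript)
    info = {
        "base": BASE_TYPES.get(base, f"unknown(0x{base:x})"),
        "source": SOURCE_TYPES[action_type & SOURCE_MASK],
        "deferred": deferred,
        "rollback": deferred and bool(action_type & msidbCustomActionTypeRollback),
        "commit": deferred and bool(action_type & msidbCustomActionTypeCommit),
        "no_impersonate": bool(action_type & msidbCustomActionTypeNoImpersonate),
        "async": bool(action_type & msidbCustomActionTypeAsync),
    }
    # A deferred action runs elevated, but with the user's token unless NoImpersonate
    # is set; under UAC that token is the filtered standard-user token, so the action
    # fails on protected locations. TextData (set property/directory) executes no code.
    info["impersonates_in_script"] = deferred and not info["no_impersonate"] and base != 0x3
    return info


def fix_action_type(action_type):
    """Set msidbCustomActionNoImpersonate on a deferred action that needs it; otherwise unchanged."""
    if decode_action_type(action_type)["impersonates_in_script"]:
        return action_type | msidbCustomActionTypeNoImpersonate
    return action_type


def audit_custom_actions(rows):
    """rows: (Action, Type, Source, Target) tuples as shown by Orca in the CustomAction table.
    Returns (action, old_type, new_type) for every row whose Type should be changed."""
    findings = []
    for action, action_type, _source, _target in rows:
        fixed = fix_action_type(action_type)
        if fixed != action_type:
            findings.append((action, action_type, fixed))
    return findings


# Constructed CustomAction table; names and values are hypothetical.
SAMPLE_TABLE = [
    ("SetInstallDir", 51, "INSTALLDIR", "[ProgramFilesFolder]Contoso"),  # immediate, sets a property
    ("CheckPrereqs", 1, "CheckDll", "Check"),                            # immediate DLL, user context
    ("InstallDriver", 1025, "DriverDll", "Install"),                     # deferred DLL, impersonated
    ("RollbackDriver", 1281, "DriverDll", "Uninstall"),                  # rollback DLL, impersonated
    ("RegisterService", 3073, "SvcDll", "Register"),                     # deferred, NoImpersonate set
]

if __name__ == "__main__":
    for action, old, new in audit_custom_actions(SAMPLE_TABLE):
        print(f"{action}: Type {old} (0x{old:x}) -> {new} (0x{new:x})")
```

Only the deferred rows are reported; immediate custom actions always run in the user's context and are not affected by this bit.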
  • 30. UAC: Self-extracting installer Symptom Self-extracting EXE or custom wrapper runs elevated and executes a script, but script fails Cause UAC prompt occurs on self-extracting EXE or custom wrapper, but elevated privileges are not transferred to script Fixes Redesign to use MSI Run from elevated command prompt Creates an elevated script engine
  • 31. UAC: Checking for admin rights Symptoms Many, from minor feature misbehavior to crash Causes Application uses IsUserAnAdmin, CheckTokenMembership with “BUILTIN\Administrators” and similar APIs These APIs return false when not elevated Mitigation Shim ForceAdminAccess or ProtectedAdminCheck Fix GetTokenInformation API TokenElevation (elevated or not) TokenElevationType (default, full or limited)
  • 32. UAC: User COM Objects Symptoms Elevated application cannot instantiate a COM object Regular application can instantiate the same COM object Cause COM object is registered per user HKEY_CLASSES_ROOT is a virtual registry hive HKCU\Software\Classes takes precedence in Windows XP and for medium and low integrity processes in Windows 7 HKCU\Software\Classes is NEVER used for high integrity (elevated) processes in Windows 7 Prevents a user from registering a malicious COM object and tricking an elevated task into executing it Mitigation Applications that will require administrator rights should register any COM objects during installation under HKLM\Software\Classes
  • 33. UAC: Mapped Network Drives Symptoms Regular mapped network drives (and SUBST) are not visible when running elevated Drives mapped from an elevated prompt are not visible in standard processes (including Explorer) Causes Mappings attached to logon session Mapped Network drives are only valid in the context of the user token that mapped them Two sets of mapping for split token situation
  • 34. UAC: Mapped Network Drives (cont.) Mitigation Automatic mitigation for installers accessing a remote drive Map each drive in the context of the regular token and the elevated token Registry entry HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLinkedConnections = (DWORD) 1 http://support.microsoft.com/kb/937624
  • 36. New Folder Locations “My Documents” and other user folder locations have changed to provide a better user experience User data is now stored in the C:\Users\%username% folder structure Pictures, Music, Documents, Desktop, and Favorites are all folders directly under this structure The “My ” prefix was dropped from Documents, Music, etc. “All Users” became “Public” and “\ProgramData”
  • 37. New Folder Locations (cont.) Differentiation between user and app data User does not directly interact with app data Identify specific locations using SHGetFolderPath or SHGetKnownFolderPath System.Environment namespace Shared User Data (Documents) C:\Users\Public\Documents CSIDL_COMMON_DOCUMENTS FOLDERID_PublicDocuments
  • 38. New Folder Locations (cont.) Per User Data (Documents) C:\Users\%username%\Documents CSIDL_MYDOCUMENTS FOLDERID_Documents SpecialFolder.MyDocuments
  • 39. New Folder Locations (cont.) Shared Application Data C:\ProgramData\MyAppName %AllUsersProfile%\MyAppName CSIDL_COMMON_APPDATA FOLDERID_ProgramData SpecialFolder.CommonApplicationData Set permissions (ACL) for folders in the shared application data area during install
  • 40. New Folder Locations (cont.) Per User Application Data (local) C:\Users\%username%\AppData\Local %LOCALAPPDATA% CSIDL_LOCAL_APPDATA FOLDERID_LocalAppData SpecialFolder.LocalApplicationData
  • 41. New Folder Locations (cont.) Per User Application Data (roaming) C:\Users\%username%\AppData\Roaming %APPDATA% CSIDL_APPDATA FOLDERID_RoamingAppData SpecialFolder.ApplicationData
  • 42. New Folder Locations (cont.) Localization Changes Localized folder names used to be the actual name (e.g. “C:\Programme”) and an English name was not provided In Windows 7, all folders have English names (e.g. “C:\Program Files”) and a junction point with the localized name is provided (e.g. “C:\Programme”) Explorer displays the localized name for the actual directory
  • 43. New Folder Locations: Mitigation Directory junctions Provides backward compatibility for hard-coded paths ‘Documents and Settings’  ‘Users’ ‘My Documents’  ‘Documents’ ‘Programme’  ‘Program Files’
  • 44. New Folder Locations: Fixes Never hard code absolute paths AppVerifier includes a test Script: environment variables Unmanaged code (C++/C) SHGetFolderPath function (CSIDL_...) SHGetKnownFolderPath (FOLDERID_...), Vista and later Managed code (C#, VB.NET) System.Environment.GetFolderPath Enum System.Environment.SpecialFolder Microsoft.VisualBasic.FileIO.SpecialDirectories My.Computer.FileSystem.SpecialDirectories
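AppVerifier catches hard-coded paths at run time; the added example below (not from the deck) does the same kind of check statically over source lines, reporting each hard-coded well-known folder together with the FOLDERID_ / SpecialFolder value to resolve it with. The SAMPLE_SOURCE lines are constructed C# snippets; the localized-name pattern covers only the German "Programme" mentioned on the slides.

```python
"""Flag hard-coded well-known-folder paths in source lines and suggest the
known-folder API to use instead. Added example for this transcript (not from
the deck); SAMPLE_SOURCE is constructed."""
import re

# (pattern, what to call instead). A literal backslash may appear doubled inside
# C/C#/C++ string literals, hence the `\\+` in every pattern.
HARDCODED_PATHS = [
    (re.compile(r"[A-Za-z]:\\+Documents and Settings\\+", re.I),
     "FOLDERID_Profile / SpecialFolder.UserProfile (XP layout; a junction only on Windows 7)"),
    (re.compile(r"[A-Za-z]:\\+Users\\+", re.I),
     "FOLDERID_Profile or the specific per-user known folder"),
    (re.compile(r"\\+My Documents\\+", re.I),
     "FOLDERID_Documents / SpecialFolder.MyDocuments"),
    (re.compile(r"[A-Za-z]:\\+Program Files( \(x86\))?\\+", re.I),
     "FOLDERID_ProgramFiles / SpecialFolder.ProgramFiles"),
    (re.compile(r"[A-Za-z]:\\+Programme\\+", re.I),
     "FOLDERID_ProgramFiles (localized names are only junctions on Windows 7)"),
    (re.compile(r"[A-Za-z]:\\+ProgramData\\+", re.I),
     "FOLDERID_ProgramData / SpecialFolder.CommonApplicationData"),
    (re.compile(r"[A-Za-z]:\\+Windows\\+", re.I),
     "FOLDERID_Windows / SpecialFolder.Windows"),
]


def scan_source(lines):
    """Return (line_no, matched_text, suggestion) for every line with a hard-coded path."""
    findings = []
    for line_no, line in enumerate(lines, 1):
        for pattern, suggestion in HARDCODED_PATHS:
            match = pattern.search(line)
            if match:
                findings.append((line_no, match.group(0), suggestion))
                break  # one report per line is enough
    return findings


# Constructed C# lines: 1, 3 and 5 hard-code paths, 2 and 4 resolve them properly.
SAMPLE_SOURCE = [
    'string log = "C:\\\\Program Files\\\\Contoso\\\\app.log";',
    'string data = Path.Combine(Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData), "Contoso");',
    'string old = @"C:\\Documents and Settings\\All Users\\Application Data\\Contoso";',
    'string docs = Environment.GetFolderPath(Environment.SpecialFolder.MyDocuments);',
    'string ini = "C:\\\\Windows\\\\contoso.ini";',
]

if __name__ == "__main__":
    for line_no, text, suggestion in scan_source(SAMPLE_SOURCE):
        print(f"line {line_no}: {text!r} -> use {suggestion}")
```

Run it over the repository with `scan_source(open(path).read().splitlines())` per file; a hit on a junction name such as Documents and Settings is a path that only works because of the compatibility junctions on slide 43.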
  • 45. Q & A
  • 46. Why: Windows Resource Protection Core operating system files and registry keys can be overwritten with older versions or malicious code causing serious stability and security issues Windows Resource Protection (WRP) is designed to protect those objects from being overwritten Increases system stability, predictability, and reliability Replaces Windows File Protection in Windows XP
  • 47. How: Windows Resource Protection Updates to protected resources restricted OS trusted installers (Windows Update) ACL on resources Affects specific files, folders, and registry keys Majority of core OS modules (EXE and DLL) Majority of core OS HKCR Registry Keys Folders used exclusively by OS resources
  • 49. Mandatory Integrity Control Windows 7 implements Mandatory Integrity Control (MIC) Processes run at one of four Integrity Levels: System processes run at System IL Applications that require administrative privileges run at High IL Standard applications run at Medium IL Restricted apps run at Low IL Securable objects (files, processes, window stations, message queues) define the minimum IL a process needs to access them Default IL for objects: Medium
  • 50. User Interface Privilege Isolation UIPI uses MIC’s Integrity Levels to restrict sending window messages Applications cannot send messages to other applications running at a higher integrity level Higher application can allow access SendMessage returns success to mitigate failures Where compatibility impact is high, lower IL applications can be manifested to opt out of UIPI Manifested Signed (authenticated) Installed in “Program Files”
  • 51. MIC and UIPI [Diagram: objects and processes at High, Medium and Low IL (High IL Process, Medium IL Process, Low IL Process), with arrows showing which Read, Write and Send operations are allowed between the levels]
  • 52. Integrity Levels Security IDs (SIDs) for integrity levels RID defines the integrity level Low: S-1-16-4096 (0x1000) Medium: S-1-16-8192 (0x2000) High: S-1-16-12288 (0x3000) System: S-1-16-16384 (0x4000)
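Since integrity levels are ordinary SIDs with the RID carrying the level, the read/write/send rules of the MIC and UIPI slides can be stated in a few lines. This added example (not from the deck) converts between level names and S-1-16 SIDs, applies the default no-write-up mandatory policy, and applies the UIPI rule that messages never flow from a lower to a higher integrity level. The optional object_policy and target_allowlist parameters are the example's own way of modelling objects with no-read-up labels (process and thread objects) and messages admitted through ChangeWindowMessageFilterEx; Untrusted (RID 0) is added to the slide's four levels.

```python
"""Integrity-level SIDs and the default MIC / UIPI decisions between levels.
Added example for this transcript; not code from the deck."""

# RID -> level name. The slide lists Low..System; Untrusted (RID 0) also exists.
INTEGRITY_RIDS = {0x0000: "untrusted", 0x1000: "low", 0x2000: "medium", 0x3000: "high", 0x4000: "system"}
INTEGRITY_LEVELS = {name: rid for rid, name in INTEGRITY_RIDS.items()}


def integrity_sid(level):
    """'medium' -> 'S-1-16-8192' (mandatory label authority 16, RID = level)."""
    return f"S-1-16-{INTEGRITY_LEVELS[level]}"


def parse_integrity_sid(sid):
    """'S-1-16-4096' -> ('low', 0x1000). Raises ValueError for SIDs that are not mandatory labels."""
    parts = sid.split("-")
    if len(parts) != 4 or parts[:3] != ["S", "1", "16"]:
        raise ValueError(f"not a mandatory-label SID: {sid}")
    rid = int(parts[3])
    return INTEGRITY_RIDS.get(rid, f"custom(0x{rid:x})"), rid


def mic_allows(subject, obj, op, object_policy=frozenset({"no_write_up"})):
    """Default mandatory policy: a label only restricts subjects at a LOWER level.
    Files default to no_write_up only, so a Low process can still read Medium files;
    process and thread objects additionally carry no_read_up."""
    s, o = INTEGRITY_LEVELS[subject], INTEGRITY_LEVELS[obj]
    if s >= o:
        return True  # same or higher level: the label never blocks; the DACL decides
    blocked_by = {"write": "no_write_up", "read": "no_read_up", "execute": "no_execute_up"}[op]
    return blocked_by not in object_policy


def uipi_allows_send(sender, target, message, target_allowlist=frozenset()):
    """UIPI: window messages do not flow from a lower-IL process to a higher-IL window
    unless the target process has admitted that message (ChangeWindowMessageFilterEx).
    The slide notes SendMessage still reports success to the blocked sender."""
    if INTEGRITY_LEVELS[sender] >= INTEGRITY_LEVELS[target]:
        return True
    return message in target_allowlist


if __name__ == "__main__":
    names = ["low", "medium", "high", "system"]
    for name in names:
        print(f"{name:7} {integrity_sid(name)}")
    for subject in names:
        row = [f"{op}:{'Y' if mic_allows(subject, 'medium', op) else 'N'}" for op in ("read", "write")]
        row.append(f"send:{'Y' if uipi_allows_send(subject, 'medium', 'WM_KEYDOWN') else 'N'}")
        print(f"{subject:7} vs medium object -> " + " ".join(row))
```

The read column is what makes Protected Mode IE useful: a Low process can read the user's files and registry but cannot write them, which is exactly the compatibility impact listed for ActiveX controls on slide 56.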
  • 53. Why: IE Protected Mode [Diagram: IExplore.exe has Admin-Rights Access (HKLM, Program Files) and User-Rights Access (HKCU, My Documents, Startup Folder, Temp Internet Files) to untrusted files & settings. Actions shown: install an ActiveX control (an exploit can install MALWARE); change settings, download a picture (an exploit can install MALWARE); cache Web content]
  • 54. How: IE Protected Mode In Windows 7, Microsoft Internet Explorer 8 runs in Protected Mode (IEPM) for non-trusted sites (installation default) IE runs as separate process instances for different protection modes Prevents buffer overflow exploits from affecting higher trust level sites Required by IEPM’s underlying mechanism: Mandatory Integrity Control (MIC) User Interface Privilege Isolation (UIPI)
  • 55. How: IE Protected Mode (cont.) Integrity Levels (IL) for IE IEPM: Low Integrity Level Unprotected: Medium Integrity Level Low-integrity processes (such as IEPM) can only write to folders, files, and registry keys that are also marked as low-integrity Temporary Internet Files folder %TEMP%\Low History folder Cookies folder Favorites folder Windows Temporary Files folders %userprofile%\AppData\LocalLow
  • 56. IEPM: Compatibility Impact Attempts by ActiveX controls to modify medium and higher IL objects fail e.g. writing to the user’s Documents folder ActiveX controls fail to install Automatic mitigations
  • 57. IEPM: Automatic Mitigation [Diagram: IExplore in Protected Mode, constrained by Integrity Control and UIPI, works through a Compat Layer and two broker processes: IEInstall.exe with Admin-Rights Access (HKLM, HKCR, Program Files) to install an ActiveX control, and IEUser.exe with User-Rights Access (HKCU, My Documents, Startup Folder, Temp Internet Files) to change settings, drag and drop, and cache Web content; writes to untrusted files & settings are redirected]
  • 58. IEPM: Manual Mitigation Redesign the site to function properly in Protected Mode Add site to trusted sites Protected Mode is not enabled for trusted sites Use ActiveX Install Services (AXIS) for enterprise deployments
  • 59. AXIS: How it works IE parses a page that requires an ActiveX control If the user is a Standard User, the AXIS is called The AXIS will perform a lookup in the Allowed Installation Sites list deployed via Group Policy If the Host URL is within policy, the control will be downloaded by the service If the control meets the signing criteria, it will be installed as the LocalSystem account
  • 60. AXIS: Enabling the Service AXIS is an optional component that must be enabled Deploy through SMS Run cmd.exe as Administrator, then run this command: ocsetup.exe AxInstallService Control Panel Programs  Turn Windows Features On or Off
  • 61. AXIS: Configuring the Policy Run gpedit.msc Navigate to Computer Settings Administrative Templates Windows Components ActiveX Installer Services Enter Host URL and policy for each trusted site Must specify protocol: http or https(preferred) Example: http://download.microsoft.com Best Policy 2, 1, 0, 0
  • 62. Q & A
  • 63. Windows and IE Versions Internal version number for Windows 7 is 6.1 – this is what is returned by GetVersion() Version number for Internet Explorer is 8.0 Version number is included in User Agent String User Agent String is included in HTTP header
  • 64. Windows Version Mitigation Compatibility mode is provided in Windows 7 Users can right-click the shortcut or the EXE and apply the Windows XP SP2 compatibility mode from the Compatibility tab. This applies multiple shims including “WinXPSP2VersionLie” PCA automates this step for installers Better: apply only the shim “WinXPSP2VersionLie” In many cases, applications will work the same way they did in Windows XP and there is no need for changes to them
  • 65. Windows Version Mitigation (cont.) 'Reinstall using recommended settings' Applies the Windows XP compatibility mode and restarts the program The fix is effective for all users (stored in HKLM)
  • 66. Windows Version Remediation Applications should not perform version checks for equality, e.g. == 5.1 If you need a specific feature, check whether the feature is installed or available If you need Windows XP, check for Windows XP or later (>= 5.1) Exceptions to this occur when there is a very specific business, or legal need to do a version check, such as a regulatory body requires you to certify your application for each operating system and version
  • 68. IE8 Version Symptoms Web sites may render incorrectly CSS and JavaScript compliance changes Renders in IE8 Standards Mode for Internet sites Web sites that check the User Agent String for the IE version will get higher version number Web sites might refuse to load Web Sites might reduce functionality
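  The remediation on slide 66 (test for "XP or later", never for equality) and the symptom on slide 68 (sites that test the User Agent String for one IE version) are the same mistake in two places. As an added example, not code from the deck or from Microsoft, the C below reproduces the GetVersion() packing (major version in the low byte, minor in the next byte; Windows 7 is 6.1) so it runs without Windows headers, contrasts the equality check with a (major, minor) comparison, and parses the IE major version out of a constructed User Agent String. The helper names are the example's own.

```c
/* Added example: version checks that survive a new OS or browser release.
 * No Windows headers are used; the GetVersion() layout (low byte = major,
 * second byte = minor) is reproduced locally so the code runs anywhere. */
#include <stdio.h>
#include <string.h>

/* Build a value laid out like the low word of GetVersion(). */
unsigned pack_version(unsigned major, unsigned minor)
{
    return ((minor & 0xFFu) << 8) | (major & 0xFFu);
}

unsigned version_major(unsigned v) { return v & 0xFFu; }
unsigned version_minor(unsigned v) { return (v >> 8) & 0xFFu; }

/* Wrong: equality test against one release (== 5.1). On Windows 7 the
 * OS reports 6.1, so the application refuses to run although XP-era
 * features are still present. */
int is_windows_xp_exact(unsigned v)
{
    return version_major(v) == 5 && version_minor(v) == 1;
}

/* Right: "XP or later" (>= 5.1) as a lexicographic (major, minor) compare.
 * Comparing the minor numbers alone would wrongly reject Vista (6.0),
 * because 0 < 1; the major version must be checked first. */
int at_least_version(unsigned v, unsigned major, unsigned minor)
{
    unsigned vmaj = version_major(v), vmin = version_minor(v);
    return vmaj > major || (vmaj == major && vmin >= minor);
}

/* Web side of the same problem: the IE major version from the User Agent
 * String ("... MSIE 8.0; ..."). Returns the major version, or -1 when the
 * MSIE token is absent or malformed. A site that tests major == 7 breaks
 * on IE8 exactly as the == 5.1 check above breaks on Windows 7. */
int msie_major_version(const char *ua)
{
    unsigned major, minor;
    const char *p = strstr(ua, "MSIE ");
    if (p == NULL) return -1;
    if (sscanf(p + 5, "%u.%u", &major, &minor) != 2) return -1;
    return (int)major;
}

int main(void)
{
    const unsigned win7  = pack_version(6, 1);  /* what GetVersion() reports on Windows 7 */
    const unsigned vista = pack_version(6, 0);
    const unsigned xp    = pack_version(5, 1);
    /* Constructed IE8-on-Windows-7 User Agent String, not captured traffic. */
    const char *ua = "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)";
    int ie = msie_major_version(ua);

    printf("== 5.1 on Windows 7: %d (wrong, blocks the app)\n", is_windows_xp_exact(win7));
    printf(">= 5.1 on Windows 7: %d\n", at_least_version(win7, 5, 1));
    printf(">= 5.1 on Vista:     %d\n", at_least_version(vista, 5, 1));
    printf(">= 5.1 on XP:        %d\n", at_least_version(xp, 5, 1));
    printf("IE %d: '== 7' gives %d, '>= 7' gives %d\n", ie, ie == 7, ie >= 7);
    return 0;
}
```

The same pattern applies to any feature gate: if a specific API or component is what the application needs, probe for that feature rather than the version number, as slide 66 advises.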
  • 69. IE8 Version Mitigations IE7 Compatibility Mode Default setting for intranet sites Can be controlled from the server For a single Web Page For a directory, application, or site Add <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /> to the page or response header See http://support.microsoft.com/kb/968499 for different options
  • 70. IE7 Compatibility Mode In a Web Page <html> <head> <title>My Web Page</title> <!-- Use IE7 mode --> <meta http-equiv="X-UA-Compatible" content="IE=EmulateIE7" /> </head> <body> <p>Content goes here.</p> </body> </html>
  • 71. IE7 Compatibility Mode In the web.config <?xml version="1.0" encoding="utf-8"?> <configuration> <system.webServer> <httpProtocol> <customHeaders> <clear /> <add name="X-UA-Compatible" value="IE=EmulateIE7" /> </customHeaders> </httpProtocol> </system.webServer> </configuration>
  • 72. IE8 Standards Mode In a Web Page <html> <head> <title>IE8 Standards Mode Web Page</title> <!-- Use IE8 Standards Mode --> <meta http-equiv="X-UA-Compatible" content="IE=IE8" /> </head> <body> <h1>Hi from IE8 Standards Mode</h1> </body> </html>
  • 73. Expression SuperPreview Stand-alone visual debugging tool Shows web pages rendered in IE 6 and either IE 7 or 8, depending on which version you have installed on your machine. View pages side by side or as an onion-skin overlay and use rulers, guides and zoom/pan tools to precisely identify differences in layout.
  • 75. Sessions in Windows XP / Server 2003 [diagram: a single Session 0 with one window station and desktop shared by services, the first user’s windows, the screen saver and the login desktop]
  • 76. Sessions in Windows 7 [diagram: Session 0 holds the services with their own window station and desktop; Session 1 holds the first user’s window station and desktop with the user’s windows, the screen saver, the login desktop and the secure desktop]
  • 77. Session 0: Compatibility Impact A service and a user application that use window message functions (e.g. SendMessage, PostMessage) to communicate will silently fail A service and a user application that use local objects to communicate will silently fail A service that uses a UI to interact with the user will display the UI on a special desktop which is inaccessible Applications that work with Fast User Mode Switching will probably continue to work
  • 79. Less Common Issues Painting Behavior Deprecated Components Managed Code for .NET 1.x 64-bit Vista
  • 80. Painting behavior Why: To improve user experience How: All top-level windows are rendered to an off-screen bitmap; Desktop Window Manager combines the images to draw the desktop Impact: Some applications will render incorrectly Mitigation: Disable desktop composition Apply shim “DisableDWM” Properties -> Compatibility Tab -> Disable desktop composition Fixes: Redesign application to not assume that it is rendering directly to the screen
  • 82. Deprecated components Windows Help (WinHlp32.exe) Available as a download CHM is now the preferred option Graphical Identification and Network Authentication (GINA) modules Removal of Windows Mail Disables CoStartOutlookExpress File associations (.eml, .nws, .contact, .group, .wab, .p7c, .vfc) are broken or disabled Install Windows Live Mail
  • 83. Deprecated components (cont.) Removal of Windows Movie Maker Install Windows Live Movie Maker Microsoft Agent technologies  Removal of Windows Registry Reflection PCA instruments CoCreateInstance API and the Loader (NTDLL) Detect load failures on deprecated COM objects and DLLs respectively Uses Windows Error Reporting (WER) to retrieve Knowledge Base article or link to download deprecated component
  • 84. Managed code for .NET 1.x Symptom Managed code written for .NET 1.x fails (error message or crash) Cause Application depends on .NET 1.x feature AND Application does not specify <supportedRuntime> or <requiredRuntime> in configuration file Note: .NET 1.0 did not support <supportedRuntime> Fix Add <supportedRuntime version="v1.1.4322"/> to <appname>.exe.config
  • 86. 64 bit WoW64 allows 32-bit applications to run on 64-bit Windows, but compatibility issues may still exist Not supported 16-bit applications and installers Limited support for some installers 32-bit kernel mode drivers 32-bit user mode printer drivers Kernel patching (x64 only) Patchguard prevents applications from patching the Kernel. If this is detected, a shut down will be initiated Windows Server 2008 R2 – 64 bit ONLY
  • 87. Windows 7 Logo Program Benefits Compatibility message to your customers Joint marketing Partner Points Requirements ISVs must sign up to receive their crash data from WER Use AppVerifier as part of development lifecycle Install to correct folder locations Sign binary executables Include a manifest and run as a standard user Support Restart Manager 64 bit support Etc...
  • 88. Windows 7 Logo Program Roadmap Follow these steps to verify that your application complies with the Windows 7 Client Software Logo technical requirements: Download and install the Windows 7 Client Software Logo Toolkit Run the Toolkit to validate your application Ensure the application adheres to all policies Accept and sign all legal agreements Opt in to receive communications from Microsoft about your product(s) Mail a licensed copy of your software to Microsoft Upon successful completion of validation testing submit the results to Microsoft
  • 89. Tools, documentation, and help Application Verifier http://go.microsoft.com/fwlink/?linkid=11573 Standard User Analyzer http://www.microsoft.com/downloads/details.aspx?FamilyId=24DA89E9-B581-47B0-B45E-492DD6DA2971&displaylang=en Windows 7 Application Quality Cookbook http://code.msdn.microsoft.com/Release/ProjectReleases.aspx?ProjectName=Windows7AppQuality&ReleaseId=1734 Windows 7 Training Kit for Developers http://www.microsoft.com/downloads/details.aspx?FamilyID=1C333F06-FADB-4D93-9C80-402621C600E7&displaylang=en Application Compatibility Forum http://social.msdn.microsoft.com/Forums/en-US/windowscompatibility/threads/
  • 90. Call to action Get ready for Windows 7 deployments Test your applications on Windows 7 Make use of resources that are available now Joint marketing Free technical support Free App Compat Labs Latest tools Active discussion forums Tell Microsoft and your customers Update Greenlight Web Site Consider Window 7 Logo certification
  • 91. Resources Windows Application Compatibility http://msdn.microsoft.com/en-us/windows/aa904987.aspx Developer for Windows 7 on MSDN http://msdn.microsoft.com/en-us/windows/dd433113.aspx IE8 Readiness Toolkit http://www.microsoft.com/windows/internet-explorer/readiness/developers-new.aspx Windows API Code Pack http://code.msdn.microsoft.com/WindowsAPICodePack Greenlight Web Site http://www.isvappcompat.com/uk UK DPE Briefings and Labs http://blogs.msdn.com/ukisvdev/archive/2009/06/09/windows-7-application-compatibility-briefings-and-drop-in-clinic.aspx
  • 92. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Speaker notes

  1. Docking windows; Minimize all windows; Show desktop; Live Preview – IE; Peek Preview – Media player; Thumbnail toolbar – Media player
  2. OTS - Over the Shoulder Prompts; Explain colors
  3. Show application elevation; Show heuristics to detect an installer; Show adding a manifest with Visual Studio 2008; Show Task Manager UI