Deployment in Visual C++ 2010
When you deploy an application to another computer, you must install the application itself and any library files that the application depends on. Visual C++ 2010 gives you three ways to deploy the Visual C++ runtime with an application: central deployment, local deployment, or static linking.
Central deployment means that your Visual C++ DLLs are installed in the System32 directory. To centrally deploy your application, you can use one of the following:
The VCRedist_architecture.exe command-line tool, where architecture is x32, x64, or ia64.
VCRedist_architecture.exe installs all libraries for the specific hardware platform. Merge modules, or .msm files, provide a standard method by which developers deliver shared Windows Installer components and setup logic to their applications.
The main advantage of central deployment is emergency serviceability. If a critical security vulnerability is discovered, Microsoft automatically updates library files that are centrally-deployed.
Local deployment means that your application's library files are installed in the application folder. To deploy your application locally, simply copy the executable file and its associated library files into a folder.
Different library versions can exist side-by-side because the filenames contain the version number (for example, version 10 of the CRT DLL is msvcr100.dll).
Unlike centrally-deployed libraries, local libraries are not updated automatically by Microsoft. If you decide to use local deployment, you should also implement your own method of updating libraries.
You can statically link your application to any library (such as CRT, MFC, or ATL) to produce an executable that has no dependencies on DLLs. The advantage of static linking is that deploying your application can be copied from one computer to another without also having to copy library files. If you use static linking and Microsoft updates the library that you linked to, your application cannot use the updated library.
In case of a security vulnerability, Microsoft provides a hotfix, which is a patched version of the affected library. It is the application writer's responsibility to deploy the hotfix on the computers that have the vulnerable library.
If the security vulnerability is deemed critical and requires emergency servicing, Microsoft will use Microsoft Update to service all machines that have the specific Visual C++ library installed centrally. If your application uses local library files, you must make your own provisions for emergency servicing.
The most significant changes between Visual C++ 2008 and Visual C++ 2010 are:
Visual C++ libraries no longer depend on manifests and are no longer installed in the WinSxS folder.
Dependent applications and libraries no longer require manifest information.
Local deployment no longer requires a satellite manifest.
Loading of local Visual C++ libraries cannot be redirected to a central location.
Emergency servicing applies only to centrally-deployed libraries.
To diagnose loader issues, use depends.exe or where.exe. The loading order of Visual C++ libraries is system-dependent. For more information, see Dynamic-Link Library Search Order (Windows).