Be Rock Solid
Windows Vista® has been redesigned from the foundation up to provide increased security, reliability, and manageability. With Windows Vista, we’re bringing a new level of confidence to the desktop experience.
From the user perspective, it means that a computer just works—as expected, no surprises—it does exactly what you expect it to do.
From a developer perspective, it’s about really delivering on the basics and providing a platform for rock-solid applications.
Properly leveraging these advantages in Windows Vista requires an understanding of the technologies that Windows Vista provides in three areas: security, reliability and management, and error reporting.
Windows Vista provides a range of enhancements to the Windows security model. The Windows security model includes many technologies, features, and tools.
This high-level overview of the new security features in Windows Vista is a good place to start learning about Windows Vista Security:
User Account Control
Under User Account Control (UAC) in Windows Vista, all interactive processes run as a standard user by default, even if they are launched by a member of the Administrators group. Developers should understand how UAC works and how it can affect their applications.
Windows Vista Application Development Requirements for User Account Control Compatibility: the definitive source of UAC information.
A broader, IT Pro view of UAC, provided by TechNet.
While no longer active (it was rolled into the Windows Vista Security blog when Windows Vista was released), the UAC team blog provides an interesting view of many aspects of how UAC evolved.
Provides a guide for designing applications where the root process runs as a standard user and launches privileged operations in a separate process.
Explains how the COM elevation moniker allows applications that are running under a limited user account to activate COM classes with elevated privileges.
Explains another supported mechanism for elevating privileges.
Describes application compatibility issues and remedies that result from updating applications to work with UAC.
Includes a large amount of practical User Account Control information for developers.
Internet Explorer Protected Mode
On Windows Vista, Microsoft Internet Explorer® 7 (IE7) runs in what is referred to as Protected Mode, which helps protect users from attack by running with greatly restricted privileges.
Protected Mode in IE relies on three security features introduced in Windows Vista: User Account Control, Mandatory Integrity Control (MIC), and User Interface Privilege Isolation (UIPI).
UAC is discussed in the preceding section.
MIC assigns integrity levels to users and securable objects, allowing an additional security distinction beyond privilege level.
UIPI comes into effect when a user who is a member of the Administrators group runs some applications with least privilege (sometimes referred to as processes with a filtered token) alongside processes running with full administrative privileges on the same desktop. UIPI prevents lower privilege processes from accessing higher privilege processes.
Explains how to enable applications to run in IE7 on Windows Vista.
Explains how to develop extensions and add-ons for IE7 that can interact with the file system and registry and work correctly within the Internet Explorer 7 Protected Mode low-integrity (Low IL) process.
Explains Mandatory Integrity Control and UI Privilege Isolation in the context of Protected Mode.
A great source of information for all things IE-related.
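The token-level effects of UAC and Mandatory Integrity Control described in the two sections above can be inspected directly on a running system. The following PowerShell script is an added example, not code from this MSDN page; it assumes only whoami.exe, which ships with Windows Vista and later.

```powershell
# Added example (not from the MSDN page): report how UAC and Mandatory Integrity
# Control have shaped the current process token. Assumes only whoami.exe, which
# ships with Windows Vista and later.
function Get-TokenSecurityContext {
    # whoami /groups lists every SID in the token, including the integrity label
    # and any group that UAC has marked "used for deny only" in a filtered token.
    $groups = whoami /groups /fo csv | ConvertFrom-Csv

    # Integrity labels are S-1-16-<rid>: 4096 Low, 8192 Medium, 12288 High, 16384 System.
    $label = $groups | Where-Object { $_.SID -like 'S-1-16-*' } | Select-Object -First 1
    $levelName = 'Unknown'
    if ($label) {
        switch ([int]($label.SID -replace '^S-1-16-', '')) {
            4096  { $levelName = 'Low' }      # e.g. an IE7 Protected Mode process
            8192  { $levelName = 'Medium' }   # standard user, or an admin's filtered token
            12288 { $levelName = 'High' }     # elevated administrator
            16384 { $levelName = 'System' }
        }
    }

    # Administrators is S-1-5-32-544. In a filtered token the SID is still present
    # but flagged "Group used for deny only", so it grants nothing.
    $admins = $groups | Where-Object { $_.SID -eq 'S-1-5-32-544' } | Select-Object -First 1
    $isMember = $null -ne $admins
    $filtered = $isMember -and ($admins.Attributes -match 'deny only')

    New-Object PSObject -Property @{
        IntegrityLevel        = $levelName
        AdministratorsInToken = $isMember
        FilteredByUAC         = $filtered
        Elevated              = ($isMember -and -not $filtered)
    }
}

Get-TokenSecurityContext | Format-List
```

Run it once from a normal prompt and once from an elevated prompt as the same administrator to see the filtered token (Medium, deny-only Administrators) beside the full token (High).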
Cryptography Next Generation API
Cryptography Next Generation (CNG) provides a set of APIs that can be used to perform basic cryptographic operations, cryptographic key storage and retrieval operations, and configuration of cryptographic providers. It also enables custom cryptographic algorithms to be plugged into CNG via a simple extensibility mechanism. It is the long-term replacement for the CryptoAPI and is supported in Windows Vista and later releases of the Windows operating system.
Any application can use Transactional NTFS (TxF) to preserve the integrity of data on disk when unexpected error conditions occur, to isolate its changes from other users while the changes are being made, and to help resolve concurrent file-system user scenarios.
Parental Controls for Windows Vista
Parental Controls is a consumer-targeted feature that provides functionality to monitor and limit the exposure of selected computer users to online dangers and inappropriate content. The Parental Controls API provides access to policy and restriction settings, and to logging functionality.
A good starting place for developers building consumer applications.
Windows Filtering Platform API
The Windows Filtering Platform API enables developers to write code that interacts with the filtering that takes place at several layers in the networking stack and throughout the operating system. It also integrates with and provides support for firewall features, such as authenticated communication and dynamic firewall configuration, based upon an application's use of the sockets API (an application-based policy).
An application compatibility article about Windows Filtering Platform (WFP).
Network Address Protection API
The Network Address Protection platform provides an integrated way of detecting the state of a network client attempting to connect to a network and restricting the access of that network client until the policy requirements for connecting to the network have been met. It is an extensible platform, providing an infrastructure and an API set for adding components that verify and amend a computer's health and that enforce existing policy systems.
Certificate Enrollment API
The new Certificate Enrollment API enables developers to create client applications that can be used to request and install certificates. This new COM API replaces the interfaces previously provided by Xenroll.dll, which has been deprecated and is no longer included in Windows Vista.
BitLocker Drive Encryption Provider
Windows Vista and Windows Server 2008 offer a provider interface in Windows Management Instrumentation (WMI) for managing and configuring BitLocker™ Drive Encryption (BDE). It can be used by developers writing scripts, user interface components, or other administrative tools for BitLocker Drive Encryption.
Trusted Platform Module Provider
The Windows Vista Trusted Platform Module (TPM) Services architecture allows a rich, competitive environment to grow on top of TPM 1.2 technologies by providing robust infrastructure for accessing hardware-based security.
Winlogon Re-architecture and Credential Providers
Previous versions of Windows allowed developers to add a custom authentication DLL (called a Graphical Identification and Authentication DLL, or GINA) that would interface with authorization hardware. Fingerprint scanners, authentication key cards, and other authorization hardware that required a custom logon could use GINA DLLs to work with Windows.
The logon architecture for Windows Vista has changed significantly. For reliability reasons, plug-ins have been moved out of the Winlogon process space as much as possible (in the past, a poorly coded GINA DLL running inside Winlogon could crash the machine). In addition, the logon experience has been standardized.
Credential providers now fill the GINA role on Windows Vista. Credential providers are designed to work with the new logon architecture and to work with multi-factor authentication (for instance, a smart card and a fingerprint scan).
GINA applications need to be re-authored to use Credential Provider APIs.
A great article to get oriented with Windows Vista and credential providers.
The application compatibility article about GINA and the re-architecture of Winlogon.
API reference documentation.
The Microsoft Shell Credential Provider alias.
Designed for Reliability and Manageability
Reliable applications behave as their users anticipate. Windows Vista offers many new developer services that make installing and running applications more predictable.
Windows Vista provides a Restart Manager that enables all but the most critical applications and services to be stopped and restarted at any time during application installation and updates. This feature gives installations the ability to release files that require an update without going through a complete system restart. Avoiding full system restarts dramatically speeds up installation. Additionally, the Restart Manager allows restarted applications to return to their previous state after their shared components have been updated.
Samples that demonstrate the Restart Manager are installed with the Windows Software Development Kit (SDK) at this location:
Program Files\Microsoft SDKs\Windows\v6.0\Samples\winbase\RestartManager
The Windows Vista Developer Story article.
A high-level description.
Installation and update guidelines for developers.
Event Logging System
The Event Logging System in Windows Vista has been rewritten for added performance and scalability. Windows Vista offers several new interfaces that provide programmatic access to the functionality available within the new Task Scheduler 2.0. These interfaces provide an easy way to define a task that performs an action when an event occurs. Event triggers enable users to specify an event query used to subscribe to events that are logged in an event log.
Transactional File System
Any application can use the Transactional File System in Windows Vista to preserve disk integrity when unexpected error conditions occur, to isolate a user's changes from others while the changes are being made, and to help resolve concurrent file-system user scenarios.
Windows Remote Management
Windows Remote Management (WinRM) on Windows Vista can be used to obtain management data from local and remote computers through scripting or command line utilities.
Microsoft Management Console 3.0
Microsoft Management Console (MMC) 3.0 provides a programming platform for creating and hosting applications that manage Microsoft Windows-based environments. MMC now supports writing .NET snap-ins using Windows Forms.
Windows Vista Developer Story article.
Function Discovery (FD) enables applications to discover the capabilities of new hardware and software that have been added to the system.
This system is uniform and allows applications to manage lists of devices or objects sorted by functionality or class.
Users also can take advantage of Function Discovery to discover the functions that their system can perform.
Task Scheduler 2.0
The Task Scheduler enables users to automatically perform routine tasks on a chosen computer. The Task Scheduler does this by monitoring whatever criteria are chosen to initiate the tasks (referred to as triggers) and then executing the tasks when the criteria are met.
The new Task Scheduler provides for the programmatic creation and scheduling of tasks.
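The event-triggered task that the Event Logging System section and this Task Scheduler 2.0 section describe can be created through the Task Scheduler 2.0 COM interface (Schedule.Service). The following PowerShell script is an added example, not code from this MSDN page; the task name and handler script path are placeholders, it must be run from an elevated prompt because it registers the task under LocalSystem, and event 4625 is only logged when logon failure auditing is enabled.

```powershell
# Added example (not from the MSDN page): register a Task Scheduler 2.0 task
# whose trigger is an event-log query, using the Schedule.Service COM object.
# Assumptions: run from an elevated PowerShell; task name and handler script
# path are placeholders; failure auditing must be on for event 4625 to appear.
function Register-FailedLogonTask {
    param(
        [string]$TaskName   = 'FailedLogonRecorder',                  # placeholder
        [string]$ScriptPath = 'C:\Placeholder\Record-FailedLogon.ps1' # placeholder
    )
    $service = New-Object -ComObject 'Schedule.Service'
    $service.Connect()                       # no arguments: the local computer
    $rootFolder = $service.GetFolder('\')

    $task = $service.NewTask(0)              # the flags argument is reserved and must be 0
    $task.RegistrationInfo.Description = 'Runs a handler when the Security log records event 4625'
    $task.Settings.Enabled           = $true
    $task.Settings.MultipleInstances = 2     # TASK_INSTANCES_IGNORE_NEW: a burst of events
                                             # must not start one instance per event

    # TASK_TRIGGER_EVENT = 0. Subscription takes the same XPath-style event query
    # that Event Viewer custom views use.
    $trigger = $task.Triggers.Create(0)
    $trigger.Subscription = @"
<QueryList>
  <Query Id="0" Path="Security">
    <Select Path="Security">
      *[System[Provider[@Name='Microsoft-Windows-Security-Auditing'] and EventID=4625]]
    </Select>
  </Query>
</QueryList>
"@
    $trigger.Enabled = $true

    # TASK_ACTION_EXEC = 0: launch PowerShell against the handler script.
    $action = $task.Actions.Create(0)
    $action.Path      = "$env:SystemRoot\System32\WindowsPowerShell\v1.0\powershell.exe"
    $action.Arguments = "-NonInteractive -ExecutionPolicy AllSigned -File `"$ScriptPath`""

    # Reading the Security log needs a privileged identity, so the task runs as
    # LocalSystem: TASK_CREATE_OR_UPDATE = 6, TASK_LOGON_SERVICE_ACCOUNT = 5.
    $rootFolder.RegisterTaskDefinition($TaskName, $task, 6, 'NT AUTHORITY\SYSTEM', $null, 5)
}

Register-FailedLogonTask
```

The registered task is visible in Task Scheduler under the root folder, and its trigger shows as "On an event" with the custom query above.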
Windows PowerShell
The new Windows PowerShell uses an admin-focused scripting language to control more than 130 standard command line tools and utilities. This enables an administrator to easily control system administration and accelerate automation.
Establish a Customer Feedback Loop
Use the Windows Feedback Platform to research and analyze application failure via the Windows Developer Portal.
Windows Vista provides an extensible error-reporting environment, integrated with a developer portal for viewing application reports. Developers can collect the data necessary to determine the top issues experienced by users running the applications, and then use the debug data provided to implement fixes.
Windows Error Reporting
Windows Vista has vastly improved its error reporting service, Windows Error Reporting (WER).
Users can customize their error reporting to check automatically for solutions as well as to view all problem reports and solutions in a central location.
Reports can be queued for later transmission if an internet connection is not immediately available.
Developers can use the new API to create reports for many types of events, not just application crashes and hangs. Developers also can create custom reports (including custom user interfaces).
Further, errors are reported to the Windows Quality Online Services site, detailed in the following section.
A good summary to become current with feature changes.
Developer-oriented article about WER.
Explains how users can use the Problem Reports and Solutions tool to check for solutions to hardware and software problems.
Windows Quality Online Services
Windows Quality Online Services (Winqual) is the point of access for developers to receive behavioral information about an application and, when necessary, request more detailed information from users.
The Winqual Web site.
Overview and compatibility information about Windows Vista Security.
Info about Windows CardSpace™, the Windows Vista identity metasystem.
A guide to creating applications compatible with Windows Vista.