Section 13.3. Registry Protection in Windows Vista

Many of the changes made in Windows Vista have to do with safety and security, and with ensuring that the operating system doesn't accidentally become damaged. Toward that end, in Windows Vista, only accounts with administrator privileges can make changes to the Registry. This affects not just editing the Registry directly, but also taking an action that will change the Registry, such as installing software.

So, what happens when a standard user wants to edit the Registry or make a change that affects the Registry? Windows Vista handles that in several ways:

  • When a standard user tries to run the Registry Editor, User Account Control (UAC) springs into action, asking for an administrator password. If one is provided, the Registry Editor can be used and changes made. If none is provided, the Registry Editor will not be allowed to run, and no changes will be made.

  • When a standard user installs software, UAC will ask for an administrator password. If the user provides one, the software will make the appropriate changes to the %SystemRoot% and %ProgramFiles% folders and to the Registry.

  • If a legacy application fails to work correctly with UAC, Vista will use a new feature called file and Registry virtualization. This will create virtual %SystemRoot% and %ProgramFiles% folders, and a virtual HKEY_LOCAL_MACHINE Registry entry. These virtual folders and entry are stored with the user's files. So the Registry itselfas well as the %SystemRoot% and %ProgramFiles% foldersare not altered in any way, so system files and the Registry are protected.

Part II: Nutshell Reference