How do I avoid UAC when my EXE file name contains the word "update"?

Question

I noticed the following phenomenon:

An executable built with Delphi 7 and part of the name including "Update" (e.g. "UpdateMyApp.exe") causes UAC to step in to display a warning like "do you want to allow the program to make changes to your computer".

This happens with a simple hello world application. Showing the file in explorer shows the shield symbol overlayed to the application icon.

As soon as you rename the exe the shield disappears and the application starts without warnings.

As mentioned this only happens to programs built with Delphi 7 and started on Windows 7 (I assume same on Vista) but not on e.g. WinXP.

A quick check with Delphi 2007 shows that this problem is gone.

Funny... scarying...

Besides renaming the file, what can I do to prevent this?

Answer 1

This behavior is caused because the applications build with Delphi 7 by default does not have a manifest, or have one with no requestedExecutionLevel attribute. Because of that Windows thinks that you need administrator access when your application name contains words like Setup or Update. this process is called Installer Detection Technology and was introduced alongside UAC with Windows Vista.

From the MSDN site:

Installer Detection only applies to:

1. 32 bit executables

2. Applications without a requestedExecutionLevel

3. Interactive processes running as a Standard User with LUA enabled

Before a 32 bit process is created, the following attributes are checked to determine whether it is an installer:

• Filename includes keywords like "install," "setup," "update," etc.
• Keywords in the following Versioning Resource fields: Vendor, Company Name, Product Name, File Description, Original Filename, Internal Name, and Export Name.
• Keywords in the side-by-side manifest embedded in the executable.
• Keywords in specific StringTable entries linked in the executable.
• Key attributes in the RC data linked in the executable.
• Targeted sequences of bytes within the executable.

Moreover Delphi 2007 by default include a manifest in your applications with the requestedExecutionLevel key.

This is a sample manifiest created by delphi 2007. You can see that this manifest has the requestedExecutionLevel attribute in the content.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">   <assemblyIdentity     type="win32"     name="CodeGear RAD Studio"     version="11.0.2902.10471"      processorArchitecture="*"/>   <dependency>     <dependentAssembly>       <assemblyIdentity         type="win32"         name="Microsoft.Windows.Common-Controls"         version="6.0.0.0"         publicKeyToken="6595b64144ccf1df"         language="*"         processorArchitecture="*"/>     </dependentAssembly>   </dependency>   <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">     <security>       <requestedPrivileges>         <requestedExecutionLevel           level="asInvoker"           uiAccess="false"/>         </requestedPrivileges>     </security>   </trustInfo> </assembly>