How to prevent Vista from requiring elevation on patch.exe?

From:
http://social.msdn.microsoft.com/Forums/en-US/windowsgeneraldevelopmentissues/thread/bf4f7dfa-5553-41d3-9c8e-311ee4a88599/

If you can add a manifest to the affected executable declaring a requestedExecutionLevel of 'asInvoker' it should stop prompting.

Associated guide on UAC architecture and converting existing applications so they work correctly (near the bottom fifth of the page):

http://technet.microsoft.com/en-us/library/cc709628.aspx

Lastly, how to write such a manifest:

http://www.google.com/search?q=writing+a+uac+manifest

-Adam


The problem is that your application does not contain an assembly manifest with a requestedExectutionLevel.

Background

All correctly written Windows applications are required to have an assembly manifest. And starting in 2006 one of the elements you're required to have is a requestedExecutionLevel that specifies if your application can only function if the user is an administrator.

If your application does not have an assembly manifest, or if it does not have a requestedExecutionLevel Windows will assume it is a legacy application, and do things to hopefully keep it running.

One compatibility thing for legacy applications is that some of them might be an installer, or an udpater, and can only function when run as administrator. Windows tries to guess these applications by their filenames:

  • setup
  • update
  • patch

Are all examples of filenames caught by compatibility heuristics that are trying to automatically elevate for the user.

If the application has no assembly manifest, then it is not a validly written Windows application.

The correct solution

The correct solution is to add the assembly manifest that all correct applications will have. This disabled the heuristics.

A sample UAC "asInvoker" manifest:

<?xml version="1.0" encoding="utf-8"?>
<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
   <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
      <security>
         <requestedPrivileges>
            <requestedExecutionLevel level="asInvoker" />
         </requestedPrivileges>
      </security>
   </trustInfo>
</assembly>