What is Virtualization?

There's a Virtualiztion option in the context menu of task manager (right
click a process in task manager). What is virtualization?

On Oct 7, 7:45 am, DeXtmL <DeX...@discussions.microsoft.com> wrote:
> There's a Virtualiztion option in the context menu of task manager (right
> click a process in task manager). What is virtualization?

I believe it's part of Vista's many compatibility options. When a
program is running under virtualization it will only access files in
your virtual store:

C:\Users\YourUserName\AppData\Local\VirtualStore

Microsoft implemented this so that legacy programs that try to modify
files in system folders (which now includes Program Files) can still
run under standard user access. You can read more about it here:

http://blogs.msdn.com/uac/archive/20...29.aspx#549260

-- Munchie

Hi Munchie,

Thanks for your explaination and that link.
Basically i understand some concept about it.
In your link, a sentence says
'Virtualization is only for legacy application compatibility', but i found
ieplorer.exe and ieuser.exe is also virtualized, does that means IE7's
compatiblity with Vista is not very well?
Additionally, Why microsoft give us a option to change the virtualiztion
state?

DeXtmL

"munchie" wrote:

> On Oct 7, 7:45 am, DeXtmL <DeX...@discussions.microsoft.com> wrote:
> > There's a Virtualiztion option in the context menu of task manager (right
> > click a process in task manager). What is virtualization?
>
> I believe it's part of Vista's many compatibility options. When a
> program is running under virtualization it will only access files in
> your virtual store:
>
> C:\Users\YourUserName\AppData\Local\VirtualStore
>
> Microsoft implemented this so that legacy programs that try to modify
> files in system folders (which now includes Program Files) can still
> run under standard user access. You can read more about it here:
>
> http://blogs.msdn.com/uac/archive/20...29.aspx#549260
>
> -- Munchie
>
>

On Oct 8, 12:09 am, DeXtmL <DeX...@discussions.microsoft.com> wrote:
> Hi Munchie,
>
> Thanks for your explaination and that link.
> Basically i understand some concept about it.
> In your link, a sentence says
> 'Virtualization is only for legacy application compatibility', but i found
> ieplorer.exe and ieuser.exe is also virtualized, does that means IE7's
> compatiblity with Vista is not very well?
> Additionally, Why microsoft give us a option to change the virtualiztion
> state?
>
> DeXtmL
>
> "munchie" wrote:
> > On Oct 7, 7:45 am, DeXtmL <DeX...@discussions.microsoft.com> wrote:
> > > There's a Virtualiztion option in the context menu of task manager (right
> > > click a process in task manager). What is virtualization?
>
> > I believe it's part of Vista's many compatibility options. When a
> > program is running under virtualization it will only access files in
> > your virtual store:
>
> > C:\Users\YourUserName\AppData\Local\VirtualStore
>
> > Microsoft implemented this so that legacy programs that try to modify
> > files in system folders (which now includes Program Files) can still
> > run under standard user access. You can read more about it here:
>
> >http://blogs.msdn.com/uac/archive/20...29.aspx#549260
>
> > -- Munchie

I found a much better article on it:

http://www.microsoft.com/technet/tec...s/2007/06/UAC/

Apparently, IE7 runs under virtualization because it has to support
legacy ActiveX scripts. Hope this helps.

-- Munchie

> Thanks for your explaination and that link.
> Basically i understand some concept about it.
> In your link, a sentence says
> 'Virtualization is only for legacy application compatibility'

When they say "legacy" they mean software not
specifically designed to work with the new Vista limitations.
In the past it's been normal to have access to the
Program Files folder, the Windows folder, the Registry,
etc. Vista is designed to essentially block the operation
of any software on an "all user" basis, and to block
access to nearly the whole system under normal
conditions.

Virtualization is like letting a child play with the car
dashboard buttons while the car is turned off. The child
is prevented from having a tantrum while also prevented
from getting into trouble.

Microsoft has presented virtualization as a transitional
technique to allow software to run even if it wasn't designed
to run on locked-down Vista. Virtualization will let your
software play with a copy of the file it wants to access,
or the Registry setting it wants to change, without actually
letting it touch that file or setting. If that's good
enough for your program to keep working then it solves
the problem of non-compliant software.


> Additionally, Why microsoft give us a option to change the virtualiztion
> state?
>
You might want to actually drive your own car.
If you trust the software you're using then you
will probably want it to actually be able to do what
it appears to be doing. While virtualization can solve
some problems for people who want to or must run
under "lock-down", it can also create a great deal of
confusion, since Windows is only pretending to let
your software function.

Hi,

Thanks for munchie's new link and mayayana's vivid explaination.
I have get its idea.
Microsoft has introduce the virtualization tech to help legacy app runs on
this new platform, based on the security issue.
But whether a virus would benefit from the virtualization? It feels that
itself has
get all the privileges needed to spread: access the registry, entering the
sensitive
folder, modifying confidental data... Whether that is virtual or real is not
important,
but that our os help that virus to run perfectly.
Would this disaster happen?
How does Microsoft prevent it?

Regards,
DeXtmL

"mayayana" wrote:

> > Thanks for your explaination and that link.
> > Basically i understand some concept about it.
> > In your link, a sentence says
> > 'Virtualization is only for legacy application compatibility'
>
> When they say "legacy" they mean software not
> specifically designed to work with the new Vista limitations.
> In the past it's been normal to have access to the
> Program Files folder, the Windows folder, the Registry,
> etc. Vista is designed to essentially block the operation
> of any software on an "all user" basis, and to block
> access to nearly the whole system under normal
> conditions.
>
> Virtualization is like letting a child play with the car
> dashboard buttons while the car is turned off. The child
> is prevented from having a tantrum while also prevented
> from getting into trouble.
>
> Microsoft has presented virtualization as a transitional
> technique to allow software to run even if it wasn't designed
> to run on locked-down Vista. Virtualization will let your
> software play with a copy of the file it wants to access,
> or the Registry setting it wants to change, without actually
> letting it touch that file or setting. If that's good
> enough for your program to keep working then it solves
> the problem of non-compliant software.
>
>
> > Additionally, Why microsoft give us a option to change the virtualiztion
> > state?
> >
> You might want to actually drive your own car.
> If you trust the software you're using then you
> will probably want it to actually be able to do what
> it appears to be doing. While virtualization can solve
> some problems for people who want to or must run
> under "lock-down", it can also create a great deal of
> confusion, since Windows is only pretending to let
> your software function.
>
>
>
>

On Oct 8, 10:57 am, DeXtmL <DeX...@discussions.microsoft.com> wrote:
> Hi,
>
> Thanks for munchie's new link and mayayana's vivid explaination.
> I have get its idea.
> Microsoft has introduce the virtualization tech to help legacy app runs on
> this new platform, based on the security issue.
> But whether a virus would benefit from the virtualization? It feels that
> itself has
> get all the privileges needed to spread: access the registry, entering the
> sensitive
> folder, modifying confidental data... Whether that is virtual or real is not
> important,
> but that our os help that virus to run perfectly.
> Would this disaster happen?
> How does Microsoft prevent it?
>
> Regards,
> DeXtmL
>
> "mayayana" wrote:
> > > Thanks for your explaination and that link.
> > > Basically i understand some concept about it.
> > > In your link, a sentence says
> > > 'Virtualization is only for legacy application compatibility'
>
> > When they say "legacy" they mean software not
> > specifically designed to work with the new Vista limitations.
> > In the past it's been normal to have access to the
> > Program Files folder, the Windows folder, the Registry,
> > etc. Vista is designed to essentially block the operation
> > of any software on an "all user" basis, and to block
> > access to nearly the whole system under normal
> > conditions.
>
> > Virtualization is like letting a child play with the car
> > dashboard buttons while the car is turned off. The child
> > is prevented from having a tantrum while also prevented
> > from getting into trouble.
>
> > Microsoft has presented virtualization as a transitional
> > technique to allow software to run even if it wasn't designed
> > to run on locked-down Vista. Virtualization will let your
> > software play with a copy of the file it wants to access,
> > or the Registry setting it wants to change, without actually
> > letting it touch that file or setting. If that's good
> > enough for your program to keep working then it solves
> > the problem of non-compliant software.
>
> > > Additionally, Why microsoft give us a option to change the virtualiztion
> > > state?
>
> > You might want to actually drive your own car.
> > If you trust the software you're using then you
> > will probably want it to actually be able to do what
> > it appears to be doing. While virtualization can solve
> > some problems for people who want to or must run
> > under "lock-down", it can also create a great deal of
> > confusion, since Windows is only pretending to let
> > your software function.

You know what else you got me thinking about: How rough it's going to
be to troubleshoot programs and remove spyware form a Vista machine.
Not only can things place themselves in the system folder, but also in
the virtual store! Luckily, Vista seems to be a little more resilient
than XP.

-- Munchie

Hi Munchie,

(I am curious about why you think Vista is 'a little more resilient
than XP'. )
Sorry i have asked you such a stupid question( I posted that question before
i
have fully read your new article.) Vista's security model seems far more
robust
than XP's, meanwhile the trade off is some convenience.
Some days ago, i posted a problem about Vista's security scan for a huge exe:

http://www.microsoft.com/communities....general&fltr=

That is also contained in your new link, but no solution is given. I hope
you can
figure out a good method to deal with it.


Regards,
DeXtmL




"munchie" wrote:

> On Oct 8, 10:57 am, DeXtmL <DeX...@discussions.microsoft.com> wrote:
> > Hi,
> >
> > Thanks for munchie's new link and mayayana's vivid explaination.
> > I have get its idea.
> > Microsoft has introduce the virtualization tech to help legacy app runs on
> > this new platform, based on the security issue.
> > But whether a virus would benefit from the virtualization? It feels that
> > itself has
> > get all the privileges needed to spread: access the registry, entering the
> > sensitive
> > folder, modifying confidental data... Whether that is virtual or real is not
> > important,
> > but that our os help that virus to run perfectly.
> > Would this disaster happen?
> > How does Microsoft prevent it?
> >
> > Regards,
> > DeXtmL
> >
> > "mayayana" wrote:
> > > > Thanks for your explaination and that link.
> > > > Basically i understand some concept about it.
> > > > In your link, a sentence says
> > > > 'Virtualization is only for legacy application compatibility'
> >
> > > When they say "legacy" they mean software not
> > > specifically designed to work with the new Vista limitations.
> > > In the past it's been normal to have access to the
> > > Program Files folder, the Windows folder, the Registry,
> > > etc. Vista is designed to essentially block the operation
> > > of any software on an "all user" basis, and to block
> > > access to nearly the whole system under normal
> > > conditions.
> >
> > > Virtualization is like letting a child play with the car
> > > dashboard buttons while the car is turned off. The child
> > > is prevented from having a tantrum while also prevented
> > > from getting into trouble.
> >
> > > Microsoft has presented virtualization as a transitional
> > > technique to allow software to run even if it wasn't designed
> > > to run on locked-down Vista. Virtualization will let your
> > > software play with a copy of the file it wants to access,
> > > or the Registry setting it wants to change, without actually
> > > letting it touch that file or setting. If that's good
> > > enough for your program to keep working then it solves
> > > the problem of non-compliant software.
> >
> > > > Additionally, Why microsoft give us a option to change the virtualiztion
> > > > state?
> >
> > > You might want to actually drive your own car.
> > > If you trust the software you're using then you
> > > will probably want it to actually be able to do what
> > > it appears to be doing. While virtualization can solve
> > > some problems for people who want to or must run
> > > under "lock-down", it can also create a great deal of
> > > confusion, since Windows is only pretending to let
> > > your software function.
>
> You know what else you got me thinking about: How rough it's going to
> be to troubleshoot programs and remove spyware form a Vista machine.
> Not only can things place themselves in the system folder, but also in
> the virtual store! Luckily, Vista seems to be a little more resilient
> than XP.
>
> -- Munchie
>
>

"DeXtmL" wrote:

> There's a Virtualiztion option in the context menu of task manager (right
> click a process in task manager). What is virtualization?

Here some information on
http://www.microsoft.com/events/seri...casts&id=42531.

I believe it has something to do with whether or not a process can use
virtual memory. This would be normally checked off unless you are debugging
a program or if the program requires not being swapped to disk.

Bob


"Marspe" <> wrote in message
news:A039866B-1B8E-45E2-AEA6-...
>
>
> "DeXtmL" wrote:
>
>> There's a Virtualiztion option in the context menu of task manager (right
>> click a process in task manager). What is virtualization?
>
> Here some information on
> http://www.microsoft.com/events/seri...casts&id=42531.