Windows 7 Security: What You Need to Know, Part Two
Application compatibility is one of the most difficult obstacles users face when migrating from Windows XP to Windows 7. Fortunately, Microsoft offers some solutions, including XP Mode. This week, as part of my continuing series about major security changes in Windows 7, I'll focus on XP mode.
I should add that I'd planned on discussing both XP Mode and AppLocker this week but didn't want to skimp on either by cramming both into a single post. Thus, I'll discuss the latter next week. Also, as I noted in part one, I'm a full-time Microsoft employee.
XP Mode is but one option for dealing with app compatibility issues that might arise once you've deployed Windows 7. Microsoft does offer an excellent Application Compatibility Toolkit for troubleshooting and resolving compatibility issues, but many organizations lack the expertise or time to investigate every little problem. Alternatively, you may find that an application that worked with Windows XP simply will not work with Windows 7.
Enter XP Mode, available for Enterprise and Ultimate editions of Windows 7, as a free, downloadable, licensed virtual copy of Windows XP Service Pack 3. It's a pre-packaged VHD (virtual hard disk) that auto-logons when launched, although this feature can be disabled. When applications are installed in XP Mode, they appear as stand-alone apps in Windows 7, showing up under the menu bar. You also place them as regular desktop icons on the host desktop.
Most users probably won't notice that they're running a particular app in virtualization mode, other than the conspicuous slowness they'll experience the first time after booting up. It's pretty cool to see Internet Explorer 6 running alongside Internet Explorer 8 on the same desktop, which is a fairly common need for application compatibility (and XP Mode).
XP Mode can also be started as a normal, full-screen, virtualized desktop. XP Mode starts in NAT mode by default and can be joined to a domain just like any other workstation. It supports external media drives, including USB (yeah!), and it can perform drive mappings.
Installation takes a few steps. First, XP Mode relies upon a virtualization hardware feature, built in the BIOS, called Virtualization Technology by Intel or AMD-V by AMD. Most enterprise-class computers have this particular technology. Lower-end computers don't usually have it, and those that do rarely have it enabled. So boot up into your BIOS, look for the relevant virtualization technology, enable it, save the BIOS change, and reboot.
Prior to installing XP Mode, users must download and install Windows Virtual PC (WVPC), the new Windows 7 virtualization product. Microsoft has many virtualization technologies, and figuring out which product you need for XP Mode can be confusing. Hint: It's the one listed in this paragraph.
Installing WVPC creates a shortcut named Windows Virtual PC on the Windows 7 Start menu. Clicking on the shortcut opens the Virtual Machines folder, with a command bar that has an option to create a new VM. You can create a new VM using a guest OS image, such as ISO image or a VHD containing the OS image.