Mandatory Integrity Control in Microsoft Windows Vista and Windows Server 2008

Mandatory Integrity Control (MIC) is an additional layer of security built into Vista andWindows 2008. This particular layer helps Windows protect itself from harmful intentional and unintentional changes to important objects. Among the objects protected we can find files, directories, registry key, printers, and actually any object that has a security descriptor. The beauty of […]

Mandatory Integrity Control (MIC) is an additional layer of security built into Vista and
Windows 2008. This particular layer helps Windows protect itself from harmful intentional and unintentional changes to important objects. Among the objects protected we can find files, directories, registry key, printers, and actually any object that has a security descriptor.

The beauty of MIC is that it has been there in the background all along protecting you, yet you never knew it existed. You might have actually encountered it by trying to change a file that is protected by it, and even though you had the permission you couldn't...

The MIC layer is a barrier placed before your permissions are checked. Essentially this new road block checks your privilege level against the object that you are trying to change. If your privilege level is equal or higher you are allowed to make the change. On the other hand if your privilege is lower you cannot change the object even though you may have the permission to.

Vista defines four integrity levels in order of precedence from low to high (the Untrusted and Trusted Installer are out of scope here):

Full Article

Microsoft, Security, Windows Vista, Windows Server 2008, Longhorn, Server, MIc, Mandatory, Integrity, Contro, Knowldegebase, Article