Now, this is just plain wrong. The two most recent versions of the Lotus Notes clients won’t run when Vista User Account Control is enabled. This is despite the fact that IBM claims that Notes 8 is fully compatible with Vista. IBM recommends turning off UAC, which means you actually have to make your desktop less secure to run it.
Upon further investigation, it looks like nsd.exe is the actual component that doesn’t work when UAC is enabled. It looks like the only necessary change would be for NSD to ship with a manifest that uses the requireAdministrator flag to signal that the executable needs to run with elevated privileges. This is pretty straightforward, so I wonder if there’s some other issue that makes NSD, or another Notes component, fail under UAC. UAC support is required to get Vista logo certification, but I don’t have a Notes box handy to see whether IBM is claiming the logo or not.
So, shame on IBM for missing this elementary requirement– VIsta was out far enough in advance of Notes 8’s release for IBM to have sufficient time to support UAC. Shame on Microsoft, too, for not taking proactive action to make sure that such a widely used application would work properly with UAC.
(Bonus vuln: this buffer overflow in the Notes client viewer for 1-2-3 files. It requires a patch, which you must get from IBM support. Too bad IBM doesn’t make its patches freely downloadable.)