Windows File Protection is a feature that prevents critical files from being replaced by unauthorized programs. Currently, the only applications capable of updating WFP-protected files are the following:
- Hotfix.exe for hotfix installations
- Update.exe for hotfix and service pack installations
- Winnt32.exe for operating system upgrades
- Windows Update
Windows Installer (MSI) is not among the list of authorized applications. Any package that attempts to replace a WFP-protected file will cause an error that previously was logged and the package continued. Support article KB898628 mentions that one work around is to author your component or components that would update WFP-protected files so that the components would not install on platforms that supported WFP, which include Windows 2000, XP, and 2003.
To author your components accordingly, set the Condition column value for your components in the Component table to something like the following:
Version9X Or VersionNT < 500
For a list of operating system values read Operating System Property Values in the Windows Installer SDK. Quite simply, these values are obtained by multiplying the major Windows version number by 100 and adding the minor version number.