The first documented bug in the Windows 7 Release Candidate (build 7100) is a doozy.

Yesterday, Microsoft published Knowledge Base article 970789, which provides details of a problem that affects the 32-bit (x86) English-language version of Windows 7 build 7100. The problem, in short, is that the installer incorrectly sets access control lists (ACLs) on the root of the system drive. The longer version is described as follows:

In the English version of Windows 7 Release Candidate (build 7100) 32-bit Ultimate, the folder that is created as the root folder of the system drive (%SystemDrive%) is missing entries in its security descriptor. One effect of this problem is that standard users such as non-administrators cannot perform all operations to subfolders that are created directly under the root. Therefore, applications that reference folders under the root may not install successfully or may not uninstall successfully. Additionally, operations or applications that reference these folders may fail.

For example, if a folder is created under the root of the system drive from an elevated command prompt, this folder will not correctly inherit permissions from the root of the drive. Therefore, some specific operations, such as deleting the folder, will fail when they are performed from a non-elevated command prompt. Additionally, the following error message appears when the operation fails:

Access is denied.

Furthermore, the missing security descriptor entries protect non-admin file operations directly under the root.

A hotfix is available as an important update that should be delivered and installed automatically by Windows Update, assuming you have set up automatic updates. On one test system that I checked just now, the update had already been installed overnight. On two other systems, the update had been downloaded but was awaiting installation.

The hotfix package fixes the security descriptor of the root of the system drive, but it does not repair applications that are already installed, nor does it affect the permissions of folders that were created after the installation.

If you installed the x64 version of Windows 7, you are apparently unaffected by this issue.

If you haven’t yet installed the Windows 7 RC, it’s important to install this hotfix after you set up Windows and before you install any programs or restore any backed-up data.

This sounds like a pretty serious bug, and I’m surprised that it slipped through into the release candidate. I haven’t observed any deleterious effects from this issue yet but am doing further testing today. If anyone has any firsthand reports of being bitten by this bug, please leave a comment