Microsoft's latest August 2025 security update is wreaking havoc on non-admin users across several versions of Windows 10 and 11, preventing app installations from occurring in certain cases. Microsoft states that the August security update, meant to protect users from a privilege escalation vulnerability, is now causing unexpected UAC prompts to occur for non-admin users.
The security vulnerability that started this whole mess is CVE-2025-50173. This elevation of privilege vulnerability specifically exploits weak authentication capabilities in the Windows Installer, allowing attackers to elevate user privileges locally.
Microsoft patched this vulnerability with its latest round of August 2025 security updates, which allegedly incorporates new UAC prompts in various situations, making UAC more strict than it was before. However, this change has also introduced an unintended side effect of pushing UAC prompts for administrator rights onto standard users in some scenarios.
Microsoft shared scenarios in which this issue can arise: Running MSI (Microsoft Installer) repair commands, launching Autodesk applications, installing apps that configure themselves per user, running Windows Installer during Active Setup, deploying packages with ConfigMgr that rely on user-specific "advertising" configurations, and enabling secure desktop can all trigger a UAC prompt to appear requesting admin rights.
Error messages can also occur. Standard (non-admin) users who run an app that triggers MSI's (Microsoft Installer) repair operation, with commands such as "msiexec /fu" without displaying a UI, will fail with an error message. Running Office Professional Plus 2010 as a standard user will also fail with error code 1730 during the configuration process.
This issue is affecting virtually all builds of Windows 11, Windows 10, their respective Enterprise versions, and Windows Server, dating all the way back to Windows Server 2012.
Until there is a proper fix, there are two workarounds you can take advantage of if the UAC UI is not appearing; Microsoft recommends running problematic apps as Administrator. The easiest way to do this is to right-click the app you want to run and select "Run as administrator. For systems in a professional setting, IT admins can configure a special group policy known as Known Issue Rollback (KIR), which will remove the buggy UAC prompts altogether.
Follow Tom's Hardware on Google News, or add us as a preferred source, to get our up-to-date news, analysis, and reviews in your feeds. Make sure to click the Follow button!
Get Tom's Hardware's best news and in-depth reviews, straight to your inbox.
4 hours ago
2
English (US) ·