Microsoft fesses up to Windows update that caused UAC prompts


Microsoft has admitted that the security updates released for Windows in August caused problems for a lot of users. Affected users experienced a series of unexpected UAC (User Account Control) prompts.
The scale of the issue is large. This is not a problem that is limited to a particular version of Windows – every supported version of Windows that received the August 2025 security update is affected. This means that Windows 10, Windows 11, Windows Server 2022 and Windows Server 2025 have all been hit with the UAC prompts.
Microsoft posted a message on the Windows release health pages warning that “Microsoft fesses up to Windows update that caused UAC prompts”. The company calmly explains that:
A security improvement was included in the August 2025 Windows security update (KB5063878) and later updates to enforce the requirement that User Account Control (UAC) prompt for administrator credentials when performing Windows Installer (MSI) repair and related operations. This improvement addressed security vulnerability CVE-2025-50173.
The list of operating systems affected is lengthy, although Microsoft has not provided details about the number of people experiencing the issues:
- Client: Windows 11, version 24H2; Windows 11, version 23H2; Windows 11, version 22H2; Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise 2015 LTSB
- Server: Windows Server 2025; Windows Server 2022; Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
The post goes on to reveal numerous scenarios that could lead to the request for administrator rights being shown to non-admins – and there are quite a few:
- Running MSI repair commands (such as msiexec /fu).
- Launching Autodesk applications, including some versions of AutoCAD, Civil 3D and Inventor CAM, or when installing an MSI file after a user signs into the app for the first time.
- Installing applications that configure themselves per user.
- Running Windows Installer during Active Setup.
- Deploying packages via Manager Configuration Manager (ConfigMgr) that rely on user-specific "advertising" configurations.
- Enabling Secure Desktop.
Microsoft goes on to say: “If a standard user runs an app that initiates an MSI repair operation without displaying UI, it will fail with an error message. For example, installing and running Office Professional Plus 2010 as a standard user will fail with Error 1730 during the configuration process”.
Microsoft does it again
Right now there is not a proper fix available; Microsoft offers a boilerplate promise:
We are working to address this issue by allowing IT admins to permit specific apps to perform MSI repair operations without UAC prompts. This improvement will be released in a future Windows update, and we will provide more information when it is available.
But it also suggests the following workaround which should help in the meantime:
When possible, run the app as an administrator. (From the Start menu or Search results, right-click the app and select Run as administrator.)
In addition to this, the company says:
When standard users cannot run apps as an administrator, IT admins can mitigate this issue by installing and configuring a special Group Policy using Known Issue Rollback (KIR) for [...] Windows Server 2025, Windows Server 2022, Windows 11, versions 22H2, 23H2, 24H2, Windows 10, versions 21H2, 22H2.
Users are advised to contact Microsoft’s Support for business.
Have you been hit by the latest problematic update for Windows? Share your experiences in the comments below, along with your thoughts about Microsoft's seemingly subpar approach to quality control when it comes to updates for Windows. How does it seem to be able to release so many updates that caused problems?
Image credit: Alexey Novikov / Dreamstime.com