Microsoft has highlighted a notable side effect stemming from the August updates, particularly affecting Windows users with standard user rights. When these users attempt to initiate certain programs or utilize the repair function of MSI installers, they are now greeted with a User Account Control (UAC) prompt. This unexpected behavior can lead to installation failures, which Microsoft has officially acknowledged.
In a recent entry in the Windows Release Health Notes, the tech giant elaborated on this new functionality. The primary aim of the August updates is to address a security vulnerability within the Windows installer, which could potentially allow attackers to escalate their privileges due to “weak authentication” (CVE-2025-50173 / EUVD-2025-24338, CVSS 7.8, risk high). To mitigate this risk, the update introduces a UAC prompt that requests administrator rights when performing actions related to the Windows Installer (MSI), such as repairs.
Implications of the Update
Microsoft has identified several scenarios where these UAC prompts may appear:
- Invoking MSI repair operations (e.g., using “msiexec /fu”)
- Launching Autodesk applications, including AutoCAD, Civil 3D, or Inventor CAM
- Installing an MSI file after the initial login to the application
- Installing apps that can be user-installed
- Starting Windows installers in an Active Setup
- Distributing packages via Configuration Manager (ConfigMgr) that utilize user-specific “advertising” configurations
- Activating the Secure Desktop
Moreover, Microsoft’s developers have noted that installations may fail altogether, accompanied by an error message. For instance, when a standard user attempts to initiate an MSI repair function without any dialog prompts, the installation may encounter issues. A specific example provided by Microsoft is the installation and launch of Microsoft Office Professional Plus 2010, which results in an Error 1730 during the configuration process.
To navigate these challenges, Microsoft suggests that users start applications as an administrator whenever feasible. This can be accomplished by right-clicking the app from the Start menu or search results and selecting “Run as administrator.” For IT administrators, there is an option to request a special group policy from Microsoft’s Support for Business, which would enable standard users to run applications with elevated privileges.
In response to the feedback, Microsoft is reportedly developing a solution that will allow administrators to configure MSI operations for specific applications without triggering UAC prompts. This issue is not isolated to a single version; it affects all currently supported Windows versions, including Windows 11 (24H2, 23H2, 22H2), Windows 10 (22H2, 21H2, 1809), and various iterations of Windows Server.
The August security updates have unveiled an unusual array of side effects. Initially, the updates faced distribution failures via WSUS, which Microsoft has since rectified. However, users soon discovered that resetting and restoring systems with Windows’ built-in tools became problematic post-update. An unplanned out-of-sequence update was subsequently released to address these underlying issues. Additionally, the security update has been linked to disruptions in professional video and audio streaming, impacting users of software like OBS.
