Latest Windows 11 Security Update Triggers Unintended UAC Prompts

Microsoft has acknowledged that the August 2025 security update is causing pain for administrators across several versions of Windows 11 and Windows 10. This bug is triggering unexpected User Account Control (UAC) prompts and app installation issues for non-admin users.

According to Microsoft, this issue is caused by a security update that addresses the CVE-2025-50173 security vulnerability. This elevation of privilege vulnerability specifically exploits weak authentication capabilities in the Windows Installer. It could allow attackers to elevate user privileges locally on Windows machines.

What’s causing the UAC and installation issues on Windows 11?

Microsoft addressed this vulnerability by implementing prompts that request admin credentials in various situations to prevent potential attackers from escalating permissions. However, this change has also introduced a problem of pushing UAC prompts for administrator rights onto standard users in some scenarios.

These scenarios include launching Autodesk applications, running MSI (Microsoft Installer) repair commands, running Windows Installer during Active Setup, and installing apps that configure themselves per user. The UAC prompt can also be triggered by deploying packages with ConfigMgr that rely on user-specific “advertising” configurations and enabling secure desktop.

Microsoft has also warned that standard (non-admin) users are encountering error messages when they try to run certain apps or commands. Moreover, running Office Professional Plus 2010 as a standard user will fail with error code 1730 during the configuration process on Windows PCs.

This issue affects all supported editions of Windows 11, Windows 10, Windows Server 2012, and Windows Server 2012 R2. Microsoft’s engineers are currently working on a fix to address this problem on affected Windows machines.

Microsoft’s workarounds and recommendations

As a workaround, Microsoft advises customers to run problematic apps as administrators when possible. For enterprise customers, it’s recommended to configure a special group policy called Known Issue Rollback (KIR). However, this fix is only applicable to Windows Server 2025 and Windows Server 2022, as well as Windows 11 version 22H2 to 24H2, and Windows 10 versions 21H2 and 22H2.

Microsoft is working on a fix that will let admins approve certain apps to run MSI repair operations without triggering UAC prompts. However, there’s no timeline yet for when this update will reach Windows users.