Microsoft has officially acknowledged a significant bug in recent Windows security updates that is causing application installation and repair failures across multiple versions of Windows 10, Windows 11, and Windows Server.
The issue stems from a security enhancement in the August 2025 updates, which now incorrectly triggers User Account Control (UAC) prompts for standard, non-administrator users attempting to run routine application operations.
The problem was introduced with the security update KB5063878, released on August 12, 2025, and persists in later updates.
This update was designed to patch a high-severity elevation of privilege vulnerability in the Windows Installer, tracked as CVE-2025-50173.
While the fix successfully addressed the security flaw, it had an unintended side effect: it now enforces administrator-level permissions for Windows Installer (MSI) repair and related functions that previously ran seamlessly for standard users. As a result, users without admin rights are encountering unexpected UAC prompts.
Suppose they cannot provide administrator credentials, a common scenario in corporate and educational environments. In that case, the operation fails, often with an “Error 1730,” which indicates the user lacks the necessary access rights.
The bug affects several common scenarios, including:
- Running MSI repair commands like
msiexec /fu - Launching applications that perform a self-repair or initial user configuration, such as Autodesk products including AutoCAD, Civil 3D, and Inventor CAM.
- Installing applications that configure themselves on a per-user basis.
- Deploying software packages through Microsoft Configuration Manager (ConfigMgr).
The issue is particularly disruptive for organizations that rely on multi-user devices, such as university computer labs and shared workstations within enterprises.
IT administrators reported that applications using a “secondary” MSI installer for per-user setup are frequently affected.
One university IT administrator noted, “We have several applications behaving this way, not just those from Autodesk. All software running a secondary MSI installer does this behavior.”
Mitigations
Microsoft has officially documented the issue and provided temporary solutions while a permanent fix is being developed.
For individual users who can, the immediate workaround is to right-click the application and select “Run as administrator”.
For managed IT environments, Microsoft has made a Known Issue Rollback (KIR) available. This allows administrators to revert the specific change causing the UAC prompts by deploying a special Group Policy.
However, obtaining this KIR requires contacting Microsoft Support for business directly. Microsoft strongly advises against other workarounds, such as disabling related security features.
The company has stated it is working on a long-term solution that will be released in a future Windows update.
This fix will aim to allow administrators to specify which applications are permitted to perform MSI repair operations without triggering a UAC prompt.
The bug affects a wide range of platforms, including multiple versions of Windows 10 and 11, as well as Windows Server editions from 2012 to 2025.
Windows and Windows Server versions are affected by the User Account Control (UAC) bug:
| Operating System | Affected Versions |
|---|---|
| Client | Windows 11, version 24H2 Windows 11, version 23H2 Windows 11, version 22H2 Windows 10, version 22H2 Windows 10, version 21H2 Windows 10, version 1809 Windows 10 Enterprise LTSC 2019 Windows 10 Enterprise LTSC 2016 Windows 10, version 1607 Windows 10 Enterprise 2015 LTSB |
| Server | Windows Server 2025 Windows Server 2022 Windows Server, version 1809 Windows Server 2019 Windows Server 2016 Windows Server 2012 R2 Windows Server 2012 |
Find this Story Interesting! Follow us on Google News, LinkedIn, and X to Get More Instant Updates.
Source link
