Microsoft Confirms UAC Bug Breaks App Install On Windows 11 And 10 Versions

Cybersecurity

Microsoft has identified a critical bug in recent Windows security updates, leading to application installation and repair failures across various versions of Windows 10, Windows 11, and Windows Server.

The issue originates from a security enhancement in the August 2025 updates, which incorrectly triggers User Account Control (UAC) prompts for standard, non-administrator users during routine application operations. This problem was introduced with the security update KB5063878, released on Tue, Aug 12, 2025, and persists in subsequent updates.

The update aimed to patch a high-severity elevation of privilege vulnerability in the Windows Installer, tracked as CVE-2025-50173. While the vulnerability was addressed, it resulted in an unintended enforcement of administrator-level permissions for Windows Installer (MSI) repair and related functions, previously accessible to standard users. Consequently, users without admin rights encounter UAC prompts and are unable to proceed without administrator credentials, often resulting in an “Error 1730” indicating insufficient access rights.

The bug affects several scenarios, including:

• Running MSI repair commands like msiexec /fu
• Launching applications that perform a self-repair or initial user configuration, such as Autodesk products including AutoCAD, Civil 3D, and Inventor CAM
• Installing applications that configure themselves on a per-user basis
• Deploying software packages through Microsoft Configuration Manager (ConfigMgr)

This issue is particularly disruptive for organizations relying on multi-user devices, such as university computer labs and shared workstations within enterprises. IT administrators report that applications using a “secondary” MSI installer for per-user setup are frequently affected.

Mitigations

Microsoft has documented the issue and provided temporary solutions while developing a permanent fix. For individual users, the immediate workaround is to right-click the application and select “Run as administrator”.

In managed IT environments, Microsoft has made a Known Issue Rollback (KIR) available, allowing administrators to revert the specific change causing the UAC prompts via a special Group Policy. Obtaining this KIR requires contacting Microsoft Support for business directly. Microsoft advises against other workarounds, such as disabling related security features.

The company is working on a long-term solution to be released in a future Windows update, aiming to allow administrators to specify which applications can perform MSI repair operations without triggering a UAC prompt.

The bug affects multiple versions of Windows 10 and 11, as well as Windows Server editions from 2012 to 2025. Affected Windows and Windows Server versions include: