Microsoft recently released the August monthly update KB5063878 for Windows 11 version 23H2. You can read more about the Windows 11 update KB5063878 by clicking here. They have now acknowledged and confirmed one new issue after the installation of August update on devices. After this update non-admins might receive unexpected UAC prompts when doing MSI repair operations.
A security improvement was included in the August 2025 Windows security update (KB5063878) and later updates to enforce the requirement that User Account Control (UAC) prompt for administrator credentials when performing Windows Installer (MSI) repair and related operations. This improvement addressed security vulnerability CVE-2025-50173.
As a result, after installing the August 2025 Windows security update and later updates, UAC prompts for administrator rights can appear for standard users in the following scenarios:
Running MSI repair commands (such as msiexec /fu).
Launching Autodesk applications, including some versions of AutoCAD, Civil 3D and Inventor CAM, or when installing an MSI file after a user signs into the app for the first time.
Installing applications that configure themselves per user.
Running Windows Installer during Active Setup.
Deploying packages via Manager Configuration Manager (ConfigMgr) that rely on user-specific “advertising” configurations.
Enabling Secure Desktop.
If a standard user runs an app that initiates an MSI repair operation without displaying UI, it will fail with an error message. For example, installing and running Office Professional Plus 2010 as a standard user will fail with Error 1730 during the configuration process.Workaround: When possible, run the app as an administrator. (From the Start menu or Search results, right-click the app and select Run as administrator.)
When standard users cannot run apps as an administrator, IT admins can mitigate this issue by installing and configuring a special Group Policy using Known Issue Rollback (KIR) for the following platforms:
Windows Server 2025
Windows Server 2022
Windows 11, versions 22H2, 23H2, 24H2
Windows 10, versions 21H2, 22H2
To apply this mitigation, please contact Microsoft’s Support for business. It is strongly recommended that IT admins avoid other workarounds such as disabling related features.Next steps: We are working to address this issue by allowing IT admins to permit specific apps to perform MSI repair operations without UAC prompts. This improvement will be released in a future Windows update, and we will provide more information when it is available.
Affected platforms:
Client: Windows 11, version 24H2; Windows 11, version 23H2; Windows 11, version 22H2; Windows 10, version 22H2; Windows 10, version 21H2; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise 2015 LTSB
Server: Windows Server 2025; Windows Server 2022; Windows Server, version 1809; Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012
