Microsoft's August 2025 Windows Security Update is causing pain for administrators after a fix for a vulnerability led to some unintended consequences.

The fix was related to CVE-2025-50173 , which addressed an authentication issue in Windows Installer that could allow an authorized attacker to elevate privileges locally. Microsoft's solution was to enforce the User Account Control (UAC) prompt for administrator credentials when performing Windows Installer (MSI) repair and related operations.

Problem solved? Yes and no. Yes, in that the vulnerability was addressed. No, in that UAC prompts for administrator rights can pop up unexpectedly for standard users. Make that a "hell no" for apps that instantiate an MSI repair operation without displaying a UI. Microsoft cited the example of inst

See Full Page