PT-2025-32796 · Microsoft · Windows Installer, Windows

Jagotu · Published 2025-08-12 · Updated 2025-10-30 · CVE-2025-50173

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Windows Installer versions prior to September 2025

Description

A weak authentication issue in Windows Installer can allow an authorized attacker to elevate privileges locally. The issue, CVE-2025-50173, was addressed with a security enhancement in the August 2025 Windows security update (KB5063878) and subsequent updates. The fix was intended to prevent privilege escalation by attackers, but the August 2025 update inadvertently triggered excessive User Account Control (UAC) prompts for non-admin users during operations like app installations, MSI repairs, and enabling Secure Desktop, which caused installation problems for those users. The September 2025 update changed the UAC prompt behavior: MSI repairs now require a prompt only if the MSI file contains elevated custom actions, and IT administrators can disable UAC prompts for specific applications via registry keys.

Recommendations

Install the September 2025 Windows security update to address both the UAC prompt issues and the CVE-2025-50173 vulnerability. IT administrators can use the new ability to disable UAC prompts for specific applications by adding the specified registry keys.

Fix

LPE

Weakness Enumeration

Related Identifiers

BDU:2025-10173
CVE-2025-50173

Affected Products

Windows
Windows Installer