Microsoft today confirmed a new issue that is affecting users of the Windows 10 operating system. The issue prevents some apps from starting if they are started by a non-admin user.
According to Microsoft, Windows 10 systems that have the latest preview update installed are affected.
Comment: Optional updates for Windows should be considered beta, which means they should not be installed on most systems. The only exception to the rule is if an update fixes a major issue experienced on the system. All changes from optional updates are included in the next month's cumulative updates.
here are the details:
- This issue affects Windows 10 systems with KB5043131 installed.
- Affected apps include Quick Assist, Microsoft Teams, and Windows Narrator, among others.
- Microsoft initiated a rollback to resolve the issue on most systems.
Some apps will no longer launch
The issue only affects apps that launch from “Secure Path” and request elevated privileges using the uiAccess=true attribute. This means that the issue only occurs when a user is signed-in with regular user privileges, not administrator privileges.
TeaIP: It may be possible to bypass the issue by right-clicking on the apps and selecting run them as administrator. According to Microsoft's description, administrators may still encounter the issue.
Microsoft lists four examples for secure paths in Windows 10:
- %ProgramFiles% (including subdirectories)
- %ProgramFiles(x86)% (including subdirectories for 64-bit versions of Windows)
- %systemroot%system32
- %systemroot%syswow64 (for 64-bit versions of Windows)
Any app that launches from these directories and makes requests is affected by the issue.
Administrators can monitor the problem procmonCheck if an app runs at low integrity level instead of medium.
Solution
Microsoft mitigated the problem by using known issue rollbacks. This update removes the code that is causing the problem. The change is automatically applied to non-managed devices. Most consumer devices and any business devices not managed by an IT department will receive the fix over the coming 24-hour period.
This fix is not automatically applied to managed systems. there is a policy be provided This needs to be set on affected systems for Microsoft to apply the change.
Thanks for reading..
