Share via

UAC popup appears for some self-developed applications after Windows Update

ChiaYuan Lin 10 Reputation points
2026-05-18T01:09:44.4833333+00:00

This issue may be related to Visual Studio settings, but since it started occurring after a Windows Update, I would like to ask here.

I am not sure which update caused the issue, but after the updates installed on 2026/05/13, some of my self-developed applications started showing a UAC popup when launched.

The installed updates are:

.NET Framework Security Patch (KB5087051)

Security Patch (KB5089549) (OS Build 26200.8457)

The affected applications are digitally signed, and the signing certificates are still valid.

In addition, some applications built in the same way do not show this issue. When comparing the affected and unaffected applications, there are almost no differences in their settings, including the manifest configuration. The only noticeable difference seems to be the executable file name.

Also, the applications that trigger the UAC popup have a shield icon overlay on the executable icon.

Questions

I would like to ask the following:

  1. Were there any changes to the UAC detection logic in KB5089549 or KB5087051?
  2. Under what conditions does Windows add the shield icon overlay to an executable?
  3. Does Windows use EXE file names (for example, containing setup or install) as part of the UAC or installer detection logic?
  4. Even without requireAdministrator in the manifest, are there conditions under which Windows automatically treats an application as requiring administrator privileges?

If anyone has experienced a similar issue or has related information, I would appreciate your advice.

Windows for home | Windows 11 | Windows update

1 answer

Sort by: Most helpful
Most helpful Newest Oldest

  1. AI answer

    2026-05-18T01:10:07.5366667+00:00

    The described behavior matches recent intentional changes to elevation and UAC behavior introduced by Windows updates, similar to the change where accessing Storage settings began requiring elevation after KB5074105.

    From the available information:

    1. Changes to UAC detection logic in recent updates

    KB5074105 (OS build 26200.7705) introduced a change where opening Settings → System → Storage started triggering a UAC prompt. A moderator explanation states this was an intentional configuration addition for safety concerns, not a bug. This shows that recent Windows builds are tightening elevation requirements for certain operations and entry points.

    Given that KB5089549 is a security update for OS build 26200.8457, it is consistent with this pattern that UAC/elevation behavior for some executables or scenarios has been hardened. The context does not list the exact internal UAC logic changes for KB5089549 or KB5087051, but it does confirm that similar updates have intentionally changed elevation behavior.

    1. Conditions under which Windows adds the shield overlay

    The shield overlay appears when Windows determines that launching the executable will require elevation. The Storage settings example shows that even a system settings page can be reclassified to require elevation after an update, which then causes a UAC prompt.

    In practice, this overlay appears when:

    • The system now treats the target as performing privileged operations that must run elevated, or
    • The configuration for that entry point (shortcut, settings page, or associated component) has been updated to require elevation for safety.

    The context does not provide a full list of all conditions, but it clearly shows that updates can change configuration so that previously non-elevated entry points now require elevation and thus show the shield.

    1. Use of EXE file names in detection logic

    The provided context does not explicitly document any logic that uses EXE file names such as setup or install as part of UAC or installer detection, so no statement can be made from this material about name-based detection.

    1. Automatic elevation without requireAdministrator in the manifest

    The Storage settings case demonstrates that Windows can require elevation for an operation even though the user did not explicitly request requireAdministrator in an application manifest. The change was described as an intentional configuration addition for safety.

    This shows that:

    • Windows can reclassify certain operations or components as requiring elevation via configuration or updates.
    • When this happens, UAC prompts can appear even if the application itself has not changed its manifest.

    Applied to the described scenario, it is consistent that after installing KB5089549 (and KB5087051), some executables that perform or are associated with operations now considered sensitive may be treated as requiring elevation, causing:

    • A UAC prompt on launch, and
    • A shield overlay on their icons.

    Because some similarly built applications do not show the issue, it is likely that only those performing or associated with newly protected operations are affected, rather than a blanket change to all applications.

    For further troubleshooting, checking UAC settings (as suggested in a related case where users saw new UAC prompts after updates) may help confirm whether system-wide UAC configuration has changed.

    References:

    AI-generated content may be incorrect. Read our transparency notes for more information.

    Was this answer helpful?

    1 person found this answer helpful.

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.