I've tried all the steps in other posts and still no luck. I have UAC set to never, I'm logged in as admin, policy UAC: admin approval mode for admins is set to enable.
I know calc.exe is a huge security risk but is there anyway to run it without UAC?
Answer
Here is an excellent article that helps explain the problem:
Why the built-in administrator account can’t open Edge (and a lesson in UAC).
Ultimately, the author emphasizes the following:
The built-in administrator account essentially runs with all UAC settings disabled. ... By default, the built-in administrator cannot execute modern apps.
As a result, your built-in Administrator account will see messages like the following:
The author goes on to explain that you should be able to mitigate this problem by navigating to the following Group Policy location:
Computer Configuration > Policies > Windows Settings > Security > Security Options
Then, enable the following policy:
User Account Control: Admin Approval Mode for the Built-in Administrator account
If this isn't the built-in Administrator account and merely a locally created admin account experiencing the same issues, you may have inadvertently disabled UAC entirely. Once again, quoting the article:
Actually, if you completely disable UAC, no one will be able to run these colorful toy applications. Note that you can’t completely disable UAC through the Control Panel. With the setting Never notify, UAC is still active.
To turn off all UAC settings, you have to disable the security policy User Account Control: Run all administrators in Admin Approval Mode (Computer Configuration > Policies > Windows Settings > Security > Security Options).
If that happened through either a Group Policy or registry change, you should be able to reverse that rather easily to restore access to the modern apps.
No comments:
Post a Comment