Microsoft’s September Patch Tuesday has quietly closed two disruptive Windows regressions introduced in August — one that interfered with MSI-based app installs by unexpectedly surfacing User Account Control (UAC) prompts for standard users, and another that crippled NDI-based streaming performance for many multi‑PC OBS/NDI setups. Both problems were first tracked publicly on Microsoft’s Windows Release Health dashboard in August and September 2025, and Microsoft’s cumulative updates released September 9, 2025 (notably KB5065426 for Windows 11 24H2 and matching updates for Windows 10 branches) contain the fixes that restore previous functionality while preserving the security hardening that originally triggered the regressions.
Two technical patterns explain the behavior:
The practical symptom set was:
Source: Neowin Microsoft patches Windows bugs impacting NDI streaming performance and app installs
Background
August’s security hardening and the unintended fallout
In mid‑August 2025 Microsoft shipped a set of security updates to address a local elevation‑of‑privilege vulnerability in Windows Installer tracked as CVE‑2025‑50173. The mitigation tightened how Windows Installer (MSI) handles authentication and privilege elevation so that certain repair and patch operations now require explicit elevation. That change fixed the security flaw, but it also created two visible and painful side effects for real‑world workflows: unexpected UAC prompts and failures for non‑admin users when MSI repair or patch operations ran silently, and degraded Network Device Interface (NDI) streaming performance when using RUDP transport. (nvd.nist.gov)- The UAC/MSI problem surfaced when standard users launched applications or invoked MSI repair operations (for example, using msiexec /fu), causing unexpected prompts or outright failures (Error 1730 in some cases) for apps that would previously have repaired themselves without admin interaction. Commonly reported victims included legacy enterprise installers and auto‑repair sequences in applications such as Autodesk products and some Office configurations.
- The NDI problem produced severe stutter, lag and choppy audio/video for streaming apps using the NDI protocol’s default RUDP transport. The regression was particularly noticeable when “Display Capture” sources were used on the sending PC and afflicted low‑latency multi‑PC streaming setups used by creators and broadcast engineers. (support.streamlabs.com)
What went wrong (deep dive)
UAC + MSI: security tradeoffs that collided with legacy behaviors
The August security fix closed a Windows Installer weakness by strengthening authentication checks during patch and repair operations. As a consequence, Windows became stricter about when to prompt for admin consent. The vulnerability mitigation was correct from a security posture: it prevents unsigned or improperly authenticated MSI/patch operations from being silently applied and potentially exploited for privilege escalation. But the enforcement was broader than what some installers expected.Two technical patterns explain the behavior:
- Many installers rely on custom actions (scripted or binary steps inside an MSI) to perform per‑user initialization on first run, to launch ancillary installers, or to perform post‑install configuration. When Windows detects any custom action that would require elevation, it surfaces a UAC challenge. If the process that invokes the MSI was a standard user and the MSI attempted a repair without a visible UI, the lack of interactive elevation caused the operation to fail. (support.microsoft.com)
- Silent or unattended patches (msp/msi) that were previously permitted because they were signed or because installation context assumptions were looser, now faced new checks verifying whether elevated actions are actually required — and if they are, the system blocks or prompts. This broke deployments that expected repairs or patches to run without admin interaction. The net result was an infuriating and hard‑to‑diagnose class of failures for admins and end users.
NDI/RUDP: an unexpected touchpoint in the networking stack
NDI (Network Device Interface) uses several transport modes; RUDP (Reliable UDP) is the default because it aims to balance low latency with packet reliability. The August update introduced a change in how the OS processed certain RUDP flows (timing/acknowledgment/queue handling), which for NDI’s workload produced severe jitter and stuttering even on otherwise healthy LANs.The practical symptom set was:
- Choppy frames and audio dropouts in OBS or NDI Tools when the source used Display Capture.
- Problems persisted even under low bandwidth conditions, indicating the issue was not congestion but protocol handling in the OS networking/TCP‑stack‑adjacent code paths.
- Switching NDI Receive Mode to Single TCP or UDP (Legacy) mitigated the symptoms because those transports bypassed the RUDP code paths affected by the Windows update. (support.streamlabs.com)
Microsoft’s mitigation timeline and official guidance
- August 12, 2025 — Microsoft releases the security updates that include the Windows Installer changes and other fixes. Post‑deployment reports surface both the UAC/MSI and NDI regressions. Microsoft posts acknowledged advisories and workarounds in the Windows Release Health dashboard and KB articles.
- Mid to late August 2025 — Vendors and third parties publish practical workarounds:
- For NDI: change the NDI Receive Mode from RUDP to TCP or UDP on affected machines (NDI Access Manager → Advanced → Receive Mode). This was recommended by NDI tooling vendors and Streamlabs. (vmix.com)
- For UAC/MSI: Microsoft offered a Known Issue Rollback (KIR) Group Policy for managed environments as a temporary mitigation; non‑admin users were also told to run affected programs as administrator where possible. KIR had to be obtained/configured through Microsoft’s support channels and was intended as a stop‑gap for enterprise deployments.
- September 9, 2025 — Microsoft’s Patch Tuesday cumulative updates (delivered via KB5065426 and corresponding KBs for other channels) include targeted fixes and behavior adjustments that resolve both issues without undoing the security hardening. The Windows Release Health pages list both the UAC/MSI and NDI issues as Resolved as of the September 9 updates.
What the September fixes actually change
UAC/MSI: more targeted prompting and an admin allowlist
The September cumulative updates adjust Windows Installer’s elevation logic so that a UAC prompt is only required for MSI repair operations when the MSI package actually contains an elevated custom action. In plain terms: if a repair/patch doesn’t need privileged system changes, Windows won’t interrupt the user; if a repair legitimately intends to run elevated code, the prompt remains — which preserves security posture while reducing false positives. Microsoft also added a managed‑admin control so IT teams can explicitly permit (allowlist) MSI packages to perform repair operations without prompting on their managed devices. That is intended as a safer and more granular alternative to the earlier KIR Group Policy patch. The Release Health notes confirm organizations no longer need to deploy the KIR policy and can instead adopt the allowlist mechanism introduced with the September updates. Administrators should follow Microsoft’s KB guidance to add MSI package entries to the allowlist rather than relying on broad, less controlled workarounds.NDI: RUDP regressions fixed in the OS
The September updates correct the timing/packet handling regression that caused RUDP‑backed NDI streams to stutter. After installing the September 9 cumulative updates (or later), streaming apps using NDI no longer require the manual Receive Mode change to TCP/UDP: RUDP streams should resume normal low‑latency, reliable behavior without manual intervention. Microsoft’s Release Health explicitly notes that devices updated on or after September 9 do not need the workaround. (learn.microsoft.com, support.streamlabs.com, support.streamlabs.com, support.streamlabs.com, learn.microsoft.com, support.streamlabs.com)Source: Neowin Microsoft patches Windows bugs impacting NDI streaming performance and app installs
