How To Run Program Without Privilege Elevation And Bypass UAC Prompt

How To Run Program Without Privilege Elevation And Bypass UAC PromptHow To Run Program Without Privilege Elevation And Bypass UAC Prompt

The User Account Control (UAC) is an extra layer of security that require administrative credentials for certain tasks and processes that require elevated privileges. Some Windows programs, like the Registry Editor (regedit), can only run with elevated privileges, while it is not necessary.

Normal operation can be performed in such applications, however, the Windows operating system cannot run the program with standard privileges – and only with elevated administrative rights. To overcome this, users often disable UAC or grant the user account administrative privileges. This is not the right approach since it is a security hazard.

That being said, there is a way you can bypass the UAC prompt, and not enter the administrative credentials while running the specified app or program with standard privileges. This way, you do not have to grant administrative privileges to the user, nor do you need elevated rights to run the program.

In this article, we show you multiple, tested ways to run an application/program without privilege elevation.

Why disable privilege elevation and bypass UAC

Although the UAC helps protects apps and programs from making changes to your system without authorization, it can be annoying when you should still be able to open an app without the elevation.

For this purpose, users often grant administrative permissions to user accounts or disable the UAC prompts altogether. While this works, it reduces your system’s security by removing the extra check. Which is why it is safer to allow apps and programs to run without elevated privileges.

When you run a program that normally requires administrative rights without it, you do not have access to all the sections or tasks within the app. This means that you are only able to perform the tasks that are allowed without administrative rights, like making changes to your current user account only.

Run administrative programs as standard user using RunAsInvoker

One of the most effective methods to bypass the UAC prompt and run programs that require administrative privileges as standard users is using a batch file. A batch file contains a piece of code, and in this case, it can be used to run a .EXE file using the privileges of the current user account.

In this process, we use the batch file to run a Command Prompt cmdlet which includes RunAsInvoker. RunAsInvoker is a command-based prompt that ignores any privilege elevation requests and runs a program with the same privileges as the code that launched it.

In other words, if you execute the program from an elevated command prompt, it will remain elevated. The program remains non-elevated if it is run from a command prompt that is not elevated.

Use the following steps to run any app or program without privilege elevation using RunAsInvoker:

  1. Right-click on a blank space on the desktop, expand New, and select “Text document.”

    Create a new text document on the desktop
    Create a new text document on the desktop
  2. Open the text document and paste the following inside of it:

    cmd /min /C "set __COMPAT_LAYER=RUNASINVOKER && start "" %1"
    Paste the command inside the text document
    Paste the command inside the text document
  3. Press CTRL + Shift + S to “Save as” the file.

  4. Select “All files” from the drop-down menu in front of “Save as type,” and then set a custom name for the file ending with “.batfile extension.

    Save file with .bat extension
    Save file with .bat extension
  5. Click Save.

  6. Now drag and drop the .EXE file for the app you want to run without elevated privileges onto the .BAT file you just saved.

    Drag and drop the program's .EXE file on top of the batch file
    Drag and drop the program’s .EXE file on top of the batch file

    You will now see the selected app/program run automatically without a UAC prompt, and also without administrative privileges

As mentioned earlier, note that you will not be able to perform any action that does require administrative rights – only the actions allowed to the current user account will be permitted.

You can now repeat Step 6 above to open any program without elevated rights by dropping its executable file on top of the batch file with RunAsInvoker.

Now, you can check through the Task Manager that the select program is running without any elevated privileges. You can check it in the “Details” tab inside the Task Manager. However, you may need to include the “Elevated” column.

Confirm whether program is running with non-elevated rights
Confirm whether the program is running with non-elevated rights

That said, alternatively, you can also specify the exact path to the .EXE file for the app/program within the batch file to always run it without administrative rights. To do so, you must use the following code syntax within the batch file, while replacing [PathToEXE] with the actual, complete path:

Set ApplicationPath="[PathToEXE].exe"
cmd /min /C "set __COMPAT_LAYER=RUNASINVOKER && start "" %ApplicationPath%"

Run administrative programs as standard user by granting permissions

A program requires elevated privileges when it is either programmed with a flag to ask for administrative rights, or the program needs to access a system file or folder for which the permissions have not been granted to the current user.

If the latter is the case, then this can be fixed by granting permission to the user. Use the following steps to permit the current user account (or the user group) so it can run the associated program without elevated privileges.

  1. Open File Explorer and navigate to the program’s associated file directory.

  2. Right-click the folder and click Properties from the context menu.

  3. Switch to the “Security” tab and click Edit.

    Edit directory security properties
    Edit directory security properties
  4. Select the user name or group and then check the box in front of “Full control” under the “Permissions for Users” section.

    Allow full control to user account
    Allow full control to the user account
  5. Click Apply and Ok.

Note: You may have to repeat these steps on more than one directory/item. This is because a program may be accessing more than one directory.

Run administrative programs as standard user with AdvancedRun tool

AdvancedRun tool is a utility developed by NirSoft that allows you to run a program with different accounts, with different privileges. It can also be used to run a program using the current user account but without the elevation of privileges.

Here are the simple steps to use the AdvancedRun tool and run any app or program without elevated rights:

  1. Download the AdvancedRun tool from the given link.

  2. Extract the downloaded file and then run the AdvancedRun application.

  3. Leave the default settings except for the following configurations:

    • Provide the complete path to the .EXE file to run in the “Program to Run” field.
    • Select “Current User – Without UAC Elevation” from the drop-down menu in front of “Run As.”
    Configure AdvancedRun by NirSoft to run application without privilege elevation
    Configure AdvancedRun by NirSoft to run application without privilege elevation
  4. Click Run to run the application without privilege elevation.

The chosen application will now run without elevated privileges.

Run administrative programs as standard user using Command Prompt

Other than the methods discussed above, you can also use the Command Prompt to run a program with administrative privileges. However, for this purpose, you must use the RunWithoutElevation utility by NirSoft.

Here are the steps to use the RunWithoutElevation command line tool to run any app or program without elevated privileges:

  1. Download the RunWithoutElevation tool by clicking on the link.

  2. Extract the contents.

  3. Press the Windows key + R hotkeys to open the Run Command box.

  4. Type in “cmd” and then press Enter to open the Command Prompt.

  5. Use the CD cmdlet to change the directory to the extracted RunWithoutElevation folder, in the following syntax:

    cd /d "[PathToExtractedFolder]"
    Change the directory to the RunWithoutElevation folder
    Change the directory to the RunWithoutElevation folder
  6. Now use the following command to run a program without administrative rights:

    RunWithoutElevation.exe "[PathToProgramEXE]"
    Run program without administrative rights from Command Prompt
    Run program without administrative rights from Command Prompt

Once the last command is run, the program should launch instantly, without prompting a UAC.

Include “Run as user without UAC privilege elevation” in context menu

You can also add the option to include an option to run all .EXE files without administrative privileges directly from its contextual menu. For this purpose, you must run a .REG file that makes changes to the Windows Registry.

Note: Misconfiguration of critical values in the system’s registry could be fatal for your operating system. Therefore, we insist that you create a system restore point or a complete system image backup before proceeding forward with the process.

You can also use our top selection of disk imaging and backup software so you never lose your data or operating system again.

Use the following steps to run apps and programs with standard privileges directly from the context menu:

  1. Right-click on a blank space on the desktop, expand New, and select “Text document.”

  2. Open the text document and paste the following inside of it:

    Windows Registry Editor Version 5.00
    [HKEY_CLASSES_ROOT\*\shell\forcerunasinvoker]
    @="Run as user without UAC privilege elevation"
    [HKEY_CLASSES_ROOT\*\shell\forcerunasinvoker\command]
    @="cmd /min /C \"set __COMPAT_LAYER=RUNASINVOKER && start \"\" \"%1\"\""
    Paste the code inside the text document
    Paste the code inside the text document
  3. Press CTRL + Shift + S to “Save as” the file.

  4. Select “All files” from the drop-down menu in front of “Save as type,” and then set a custom name for the file ending with “.reg” file extension.

    Save file with reg extension
    Save file with .reg extension
  5. Click Save.

  6. Double-click the .REG file to run it.

    Note: Elevated privileges will be required at this point.

  7. Click Yes on the confirmation dialog box.

    Confirm action
    Confirm action
  8. Click Ok when the action is performed.

As you will now notice, you can run any executable file with standard user privileges directly from the context menu. Simply right-click it and click “Run as user without UAC privilege elevation.”

Run as user without UAC privilege elevation option added to context menu
Run as user without UAC privilege elevation option added to context menu

Closing words

The concept of being able to run an application that normally only runs with administrative rights can also be run with standard non-privileged rights may be new to many people. However, it is possible.

In this article, you will learn how to run such apps and programs without elevated privileges. This will allow you to at least perform the tasks that d not require administrative permissions.

If you liked this post, Share it on:
Subhan Zafar is an established IT professional with interests in Windows and Server infrastructure testing and research, and is currently working with Itechtics as a research consultant. He has studied Electrical Engineering and is also certified by Huawei (HCNA & HCNP Routing and Switching).

Leave the first comment

Get Updates in Your Inbox

Sign up for the regular updates and be the first to know about the latest tech information

Talk to us now

Talk to us straight and get your questions answered right away

Tell Us About Your Project