User Account Control: Only elevate executables that are signed and validated
This security setting will enforce PKI signature checks on any interactive application that requests elevation of privilege. Enterprise administrators can control the admin application allowed list thru the population of certificates in the local computers Trusted Publisher Store.
The options are:
- Enabled: Enforces the PKI certificate chain validation of a given executable before it is permitted to run.
- Disabled: Does not enforce PKI certificate chain validation before a given executable is permitted to run.