Running Application Installers from the Software Update Wizard.

Some Software Update Wizard users like to use the Software Update Wizard to deliver their software updates in standard Windows installers using a 'Filename=' type keyword line to download the installer and to then launch the installer using an ExecAfter.  This method is fully supported by the Software Update Wizard, within the security constraints of the Windows operating system.

However, an issue arises when the installer is launched using the security context of the  Software Update Wizard service application, SYSTEM.  Microsoft has prevented service applications from interacting with the user's desktop since Vista because it is a security loophole.  Therefore, if you launch an installer (or any other application that has a user interface) from a Windows service, Windows will normally intercept it and post an 'Interactive Services Dialog' or task bar notification.  The user has to 'notice' this, agree to action it, go to a separate desktop that opens, run the interactive application and then close the separate desktop.  This is very far from ideal in a software update context and ideally needs to be avoided.

The only way to avoid the 'Interactive Services Dialog' / notification is via one of the following routes:

Please bear in mind that this issue is caused by Windows security policy.  The Software Update Wizard or any other alternative automatic updates solution cannot circumvent the way Windows works in this respect (nor should it be able to, as this would constitute a serious security vulnerability in Windows).  Therefore, whichever auto-updates software solution you use will have to operate in one of the three ways described on this page.