When you look at the security properties of notepad.exe , you won’t see YourName or even Administrators as the owner. You will see NT SERVICE\TrustedInstaller . This is a service account, a non-human identity.
In older versions of Windows (like XP), the built-in Administrator account had full control over everything. While convenient, this was a massive security flaw. If a user accidentally deleted a critical system DLL, or if malware gained administrative privileges, the entire operating system could be compromised or destroyed. trustedinstaller windows 10
There are rare occasions where a user must modify a protected file (e.g., removing a stubborn file, hacking a UI theme, or fixing a corrupted system file that Windows Update won't fix). When you look at the security properties of notepad
This process acts as the "gatekeeper." When Windows Update runs, it spawns this process. Because the process runs under the TrustedInstaller identity, it has the authority to modify protected system files to install patches and security updates. In older versions of Windows (like XP), the
The primary role of TrustedInstaller in Windows 10 is to act as a gatekeeper for system files and settings. When a user or an application attempts to modify or replace a system file or setting, Windows 10 checks if the request comes from a trusted source. If the request is legitimate and originates from a trusted source (i.e., a Windows component or an application with the necessary permissions), TrustedInstaller allows the modification to proceed. This ensures that only authorized changes are made to the system, thereby preventing malware or rogue applications from making harmful modifications.
Your Privacy Choices