Patch tool without admin privileges on Windows 7


Is there any cli based patch tool that can run in Windows 7 without administrator privileges?

I have tried the following tools but they both need admin privileges.


Posted 2015-03-26T09:58:15.303

Reputation: 143



None of these tools require admin privileges, it's the file you want to patch is accessible only to admin. Look at the NTFS permissions for the file, I believe that you would find that only Administrators have rights to modify it.

UPDATE: We live, we learn. I was wrong, patch.exe does require elevation. Or more precisely, Windows thinks that it requires elevation: How to prevent Vista from requiring elevation on patch.exe?.

Creating external manifest for patch.exe declaring a requestedExecutionLevel of asInvoker doesn't help. But renaming to anything that doesn't contain word patch does. Try it.


Posted 2015-03-26T09:58:15.303

Reputation: 2 334

I don't think so because both exe files have shield sign on them, the same behavior have been noticed in 2 different PCs. I would like to attach image file but I don't have enough reputation points yet. – IdontCareAboutReputationPoints – 2015-03-26T11:11:37.620

@MusuNaji Sorry, you were right. Though it Windows thinks that it requires elevation, the patch.exe itself doesn't have manifest. See update, renaming file works for me. – beatcracker – 2015-03-26T11:33:30.427

wow I never expected that windows would have such mechanism. one day lived one thing learned. thank you :) – IdontCareAboutReputationPoints – 2015-03-26T12:06:15.513


The git for Win32 package comes with a patch.exe program that doesn't request administrator privileges. The package is very easy to install, even for non-administrator users: there's a portable version that you only have to unpack anywhere and it's ready to use.

The package also has some other useful utilities ported to Win32, so you get eg. vim, cat, grep, sort, less, diff, diff3, cmp, curl, openssl, sha256sum, perl, all with close to native Windows integration.


Posted 2015-03-26T09:58:15.303

Reputation: 139


While renaming is certainly an option, most build systems automatically call 'patch', and expect this to be the same call for on all platforms. Thus leaving the original name is certainly desirable in scenarios where automation is required.

Using a manifest XML file with resides side-by-side with patch.exe works like this (tested successfully on Win7 x64)

  1. create a new text file and insert

            <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
            <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
              <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
                    <!-- Make sure that UAC believes
                    that it does not require administrative privilege -->
                    <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
  2. name this file patch.exe.manifest

  3. make sure that the patch.exe is modified more recently (see here) by either re-downloading it, or touch'ing (see here) it.


Posted 2015-03-26T09:58:15.303

Reputation: 101