Researcher Matt Nelson disclosed another Windows UAC bypass, this one abusing the SDclt.exe backup and restore utility. This one can be abused to execute a payload in a high-integrity context without triggering the UAC prompt. This attack, however, works only on Windows 10 and possibly Windows 8 machines because of a change Microsoft made after Windows 7. Microsoft has not considered these vulnerabilities, but instead a bypass of a defense-in-depth feature.
Source: https://threatpost.com/fileless-uac-bypass-uses-windows-backup-and-restore-utility/124579/