EP_X0FF wrote:15007 (presumable, 15002 not checked) bring long awaited changes in the IFileOperation interface. For now attempts to create/copy/move to files in Windows and it subdirectories will result in E_ACCESSDENIED no matter if you do this from faked process or from code injected to the Explorer process. Additionally it seems it is no longer possible to create subdirectories in Windows without having full admin rights. Because IFileOperation is critical to UAC bypass (Middle->High) scheme you may consider every "method" based on it now dead. IFileOperation however still autoelevated which means these changes are special restrictions added to fight UAC bypass.
Updated UACMe with working again 20, 21, 22, 23 methods will be published tomorrow. It turned I overestimated Microsoft changes.
Edit: UACMe updated and now able deliver again.