Information
Google Chrome offers to run the remote assistance host in a process with uiAccess permissions. This allows remote users to interact with elevated windows on the local user's desktop.
Solution
To establish the recommended configuration via Group Policy, set the following UI path to Disabled.
Computer Configuration\Administrative Templates\Google\Google Chrome\Configure remote access options\Allow remote users to interact with elevated windows in remote assistance sessions
Impact:
If this setting is disabled, the remote assistance host will run in the user's context. Furthermore, remote users cannot interact with elevated windows on the desktop.