First of all, this is not needed in the zip version. If possible, it would be great to change it, so administrative permissions are only required, if the update fails due to actual permission errors (usually error code 5 for file I/O)
Second problem is somewhat bigger. After the update has been done, privileges are not dropped and factorio runs in administrative mode. This leaves open vulnerabilities:
- If the factorio server is compromised and delivers malicious code, it has full system access
- In case of game crashes or malicious mods, damages beyond the user account scope can be done.