RuntimeBroker.exe

Windows Runtime Broker

System ProcessStableSystem Component

CPU Usage

0-3%

Memory

60-140 MB

Location

C:\Windows\System32

Publisher

Microsoft Corporation

Quick Answer

runtime-broker.exe is a legitimate Windows component. It mediates permission prompts for Windows Store apps and runs briefly during permission checks, then idles to minimize resource use.

Is it a Virus?

✔ NO - Safe

Must be in C:\Windows\System32\RuntimeBroker.exe

Warning

Many processes normal

RuntimeBroker may spawn brief processes while apps request permissions

Can I Disable?

⚠ NO - Not Recommended

Disabling can affect permission prompts for Store apps and Windows stability

What is RuntimeBroker.exe?

RuntimeBroker.exe is a Windows system process that mediates permission checks for apps installed from the Microsoft Store (UWP). It runs in the background to enforce user consent for resources such as notifications, location, microphone, and camera, and typically exits when no app requests access.

RuntimeBroker monitors permission requests from Store apps and launches with minimal privileges to grant or deny access to resources. It coordinates with Windows security boundaries and ends the session when permission is granted or revoked, helping contain potential misuse.

Quick Fact: Runtime Broker debuted with Windows 8 and continues to mediate runtime permissions for Store apps with low overhead.

Types of Runtime Broker Activities

Permission Prompt: Shown when an app requests access to location, microphone, camera, or notifications
Policy Enforcement: Ensures apps respect user consent and Windows privacy policies
Session Teardown: Exits after the permission decision is made to minimize resource use
Background Observation: Monitors background permission state for running UWP apps
System Integration: Works with Windows security subsystem to apply access controls
Telemetry Interaction: May participate in low-volume telemetry related to permissions (where enabled)

Is runtime-broker.exe Safe?

Yes, runtime-broker.exe is safe when it originates from the legitimate Windows system folder (C:\Windows\System32) and is digitally signed by Microsoft.

Is runtime-broker.exe a Virus or Malware?

The real runtime-broker.exe is NOT a virus. However, malware may masquerade with similar names or paths to mislead users.

How to Tell if runtime-broker.exe is Legitimate or Malware

File Location:: Must be in C:\Windows\System32\RuntimeBroker.exe (or C:\Windows\SysWOW64\RuntimeBroker.exe on some 32-bit systems). Any other path is suspicious.
Digital Signature:: Right-click the file → Properties → Digital Signatures. Should show a signature from Microsoft Corporation or Microsoft Windows.
Resource Usage:: Typically 0-3% CPU and modest memory during permission checks. Constant high usage without prompts warrants a scan.
Behavior:: Should not remain active in the foreground or without permission prompts. Persistent activity may indicate a problem.

Red Flags: If runtime-broker.exe appears outside C:\Windows\System32 or SysWOW64, lacks a valid signature, or runs with sustained high resource use without prompts, scan with Windows Defender or a trusted antivirus immediately.

Why Is runtime-broker.exe Running on My PC?

RuntimeBroker.exe runs to enforce app permissions for Store apps; it activates briefly when an app requests access and then exits to free resources.

Reasons it's running:

Active Store App Use: A UWP app requests permission (location, microphone, camera, notifications), triggering a RuntimeBroker session
Background Permission Checks: Background tasks from Store apps may prompt RuntimeBroker to verify access policies
Notifications and Alerts: Apps requesting or delivering notifications may cause RuntimeBroker activity during permission management
OS Maintenance or Updates: Windows updates or app installs may initiate policy checks via RuntimeBroker
System Startup and Idle Transitions: During startup or when switching user sessions, Windows may perform initial permission checks

Can I Disable or Remove runtime-broker?

No, you should not disable runtime-broker.exe. It is a core Windows component that mediates Store app permissions; disabling it can cause permission prompts to fail and affect app behavior.

How to Stop runtime-broker.exe

End Background RuntimeBroker: Open Task Manager (Ctrl+Shift+Esc) → Details → RuntimeBroker.exe → End Task
Close Store Apps: Exit Store apps that trigger permission prompts
Limit Background Apps: Settings → Privacy & security → Background apps → Turn off 'Let apps run in the background'
Restrict App Permissions: Settings → Privacy → App permissions → Review and restrict permissions for non-essential Store apps
Restart Windows: Reboot to apply changes and observe if prompts resume normally

Common Problems: High CPU or Memory Usage

If runtime-broker.exe consumes unusual resources, follow these targeted checks and fixes.

Common Causes & Solutions

Frequent permission prompts from multiple Store apps: Close or restrict non-essential Store apps; review per-app permissions and limit prompts
Background extensions or tasks triggering prompts: Disable background tasks for unused Store apps and review app permissions
Outdated Windows or Store apps: Check for Windows updates and update all Microsoft Store apps
Misconfigured or misbehaving Store apps: Repair or reset problematic Store apps from Settings → Apps
Malware masquerading as Runtime Broker: Run a full system scan with Windows Defender or a reputable antivirus
OS cache or profile issues: Run System File Checker (sfc /scannow) and consider a clean user profile test

Quick Fixes:
1. Quick Fixes:
2. 1. Open Task Manager (Ctrl+Shift+Esc) → RuntimeBroker.exe → End Task for spikes
3. Close unnecessary Store apps and restart permission prompts
4. Settings → Privacy & security → Background apps → Turn off for non-essential apps
5. Check for Windows updates and apply them
6. Review app permissions in Settings → Privacy → App permissions and restrict where possible

Frequently Asked Questions

Is runtime-broker.exe safe?

Yes. The legitimate runtime-broker.exe is a Windows system process that mediates Store app permissions. Ensure the file is located at C:\Windows\System32\RuntimeBroker.exe and has a valid Microsoft digital signature.

Why is runtime-broker.exe using CPU?

CPU usage spikes occur when Store apps request permissions or when background checks run. If spikes persist without prompts, check for problematic apps and scan for malware.

Can I delete runtime-broker.exe?

No. Runtime Broker is a core Windows component. Deleting it can break app permission prompts and system stability. You can reduce its activity by managing app permissions and background tasks.

Where is runtime-broker.exe located?

Typically at C:\Windows\System32\RuntimeBroker.exe (or C:\Windows\SysWOW64\RuntimeBroker.exe on some 32-bit systems). If found elsewhere or without a signature, investigate for spoofing.

How do I reduce Runtime Broker activity?

Limit background apps, review per-app permissions, keep Windows and Store apps updated, and disable unnecessary Store apps from running in the background.

Can Runtime Broker affect gaming performance?

Indirectly. If many permission prompts occur or background checks run during gameplay, it may momentarily impact performance. Reducing background tasks and permissions can help.