One Day Sec

Why is privilege reduction necessary in penetration testing when operating from SYSTEM privileges?

When running with SYSTEM privileges you may run into problems such as being unable to access the current user's file content (e.g., for screen capture), environment variables that differ from the user's (e.g., %APPDATA% points to C:\Windows\system32\config\systemprofile\AppData\Roaming instead of the user's profile folder), and registry redirection, where operations on HKCU are redirected to HKEY_USERS\.DEFAULT. Dropping to ordinary user privileges lets the program interact with the logged-on user's profile and resources as intended. For more context, see Penetration Techniques - Program Privilege Reduction Startup.
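A diagnostic added here (not part of the original post) that surfaces the three mismatches described above from inside the running process: the token SID, the hive that backs HKCU, and where APPDATA resolves. The function name is my own; it uses only built-in .NET identity calls and the registry provider.

```powershell
# Added diagnostic (not from the original post): reports whether the current
# process runs as SYSTEM and, if so, which profile and hive it actually sees.
function Get-ProcessProfileContext {
    $identity = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    $sid      = $identity.User.Value
    $isSystem = ($sid -eq 'S-1-5-18')           # well-known SID of LocalSystem

    # Under SYSTEM, HKCU is backed by HKEY_USERS\.DEFAULT rather than the user's hive.
    $hkcuBacking = if ($isSystem) { 'HKEY_USERS\.DEFAULT' } else { "HKEY_USERS\$sid" }

    # APPDATA resolves into the service profile directory when running as SYSTEM.
    $systemProfile          = Join-Path $env:SystemRoot 'system32\config\systemprofile'
    $appDataIsSystemProfile = $env:APPDATA -like "$systemProfile*"

    # Loaded per-user hives under HKEY_USERS show which interactive profiles exist.
    $loadedUsers = Get-ChildItem 'Registry::HKEY_USERS' |
        Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |
        ForEach-Object {
            $userSid = $_.PSChildName
            try {
                $sidObj = New-Object System.Security.Principal.SecurityIdentifier($userSid)
                $name   = $sidObj.Translate([System.Security.Principal.NTAccount]).Value
            } catch {
                $name = '<unresolved>'
            }
            [pscustomobject]@{ Sid = $userSid; Account = $name }
        }

    [pscustomobject]@{
        TokenUser              = $identity.Name
        TokenSid               = $sid
        IsLocalSystem          = $isSystem
        HkcuBackingHive        = $hkcuBacking
        AppData                = $env:APPDATA
        AppDataIsSystemProfile = $appDataIsSystemProfile
        LoadedUserHives        = $loadedUsers
    }
}

Get-ProcessProfileContext | Format-List
```

Run it once from an ordinary user shell and once from a SYSTEM-context shell to see the APPDATA and HKCU differences the answer describes side by side.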
Tags: privilege reduction, SYSTEM privileges, environment variables, registry redirection, penetration testing