Microsoft AutoUpdate Elevation of Privilege Vulnerability

Vulnerability

An elevation-of-privilege vulnerability has been identified in Microsoft AutoUpdate (MAU) for Mac, in 4.78 versions prior to 4.78.25022527. It arises from a time-of-check time-of-use (TOCTOU) race condition, which an attacker could exploit to gain root privileges and execute commands in the target environment.

Impact

Exploitation of this vulnerability could allow an attacker to elevate privileges to root, enabling them to execute commands with full administrative rights on the affected system.

Remediation

Microsoft has released a security update for this vulnerability in Microsoft AutoUpdate for Mac, version 4.78.25022527. Customers should install this update to be fully protected. Those with automatic updates enabled do not need to take any further action.
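
To confirm which machines still need the update, the following added example (not Microsoft's code and not part of the original advisory) classifies MAU version strings against the range stated above. The host names and inventory lines are constructed, and the three-part numeric version format is an assumption based on the version string shown in this advisory.

```python
# Added example (not Microsoft's code): classify Microsoft AutoUpdate versions
# against the affected range stated in this advisory.
FIXED = (4, 78, 25022527)  # first fixed version, from the advisory
BRANCH = FIXED[:2]         # the advisory names the 4.78 branch only

# Constructed sample inventory: "host,version" per line.
INVENTORY = """\
mac-001,4.78.25022527
mac-002,4.78.25020101
mac-003,4.78.9999999
mac-004,4.77.24121924
mac-005,unknown
"""

def parse_version(text):
    """Return (major, minor, build) as ints, or None if malformed.
    Assumes the three-part dotted form shown in the advisory."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isascii() and p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def classify(text):
    """Compare as integer tuples; as plain strings, "4.78.9999999"
    would wrongly sort above the fixed version."""
    version = parse_version(text)
    if version is None:
        return "unparseable"       # needs manual follow-up
    if version >= FIXED:
        return "patched"           # at or above the fixed version
    if version[:2] == BRANCH:
        return "affected"          # 4.78 build below the fix
    return "older-branch"          # the advisory does not state its status

def triage(inventory):
    """Map each host in the inventory text to its classification."""
    result = {}
    for line in inventory.splitlines():
        if line.strip():
            host, _, version = line.partition(",")
            result[host.strip()] = classify(version)
    return result

if __name__ == "__main__":
    for host, status in triage(INVENTORY).items():
        print(f"{host}: {status}")
```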

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 7.5
exploitability: 2.9
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.