Microsoft AutoUpdate Privilege Escalation Vulnerability

Vulnerability

An improper input validation vulnerability has been identified in Microsoft AutoUpdate (MAU) for Mac, which could enable an authorized attacker to locally elevate privileges. This issue arises because the application does not properly validate input, allowing attackers to manipulate installers and gain higher-level access.

Impact

Exploitation of this vulnerability could allow an attacker to gain root privileges on the affected system.

Reproduction

To exploit this vulnerability, an attacker could download an installer and replace it with a malicious version before it is executed. Once the victim runs the altered installer, the attacker could use it to elevate privileges.

Remediation

Users can refer to the Microsoft AutoUpdate for Mac Security Update to address this vulnerability.

Added: Jun 10, 2025, 7:02 PM
Updated: Jun 10, 2025, 7:02 PM

Vulnerability Rating

Custom Algorithm

spread: 7.8
impact: 10.0
exploitability: 3.4
remediation: 7.7
relevance: 0.2
threat: 1.6
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.