Plateforme
macos
Composant
microsoft-autoupdate
Corrigé dans
4.76
CVE-2025-21360 describes a privilege escalation vulnerability within Microsoft AutoUpdate (MAU) on macOS. Successful exploitation could allow an attacker to gain elevated system privileges, potentially leading to unauthorized access and control. This vulnerability impacts versions 4.0.0 through 4.76; Microsoft has released a patch in version 4.76.
The core impact of CVE-2025-21360 lies in its potential for privilege escalation. An attacker who can successfully exploit this flaw could bypass standard security controls and execute code with elevated permissions. This could enable them to install malware, steal sensitive data, modify system configurations, or even gain complete control over the affected macOS system. The blast radius extends to any data or resources accessible by the user account under which MAU is running, and potentially beyond if the attacker can leverage the elevated privileges to compromise other parts of the system. While specific attack scenarios are not detailed in the available information, the nature of privilege escalation vulnerabilities often involves exploiting flaws in how MAU handles updates or interacts with the operating system.
CVE-2025-21360 was publicly disclosed on January 14, 2025. The vulnerability's exploitation context is currently unclear; no public proof-of-concept (PoC) code has been released. Its inclusion in the CISA KEV catalog is pending. The CVSS score of 7.8 indicates a high probability of exploitation if a PoC becomes available.
Organizations and individuals using Microsoft AutoUpdate on macOS, particularly those running older versions (4.0.0 - 4.76), are at risk. This includes environments where AutoUpdate is configured to automatically install updates without user intervention, as this increases the potential for exploitation if a PoC is released.
• macos: Use osascript to check the AutoUpdate version:
osascript -e 'tell application "Microsoft AutoUpdate" to get version'• macos: Monitor system logs (Console.app) for errors or unusual activity related to Microsoft AutoUpdate. Filter for processes launching with elevated privileges. • macos: Use Activity Monitor to identify any unexpected processes running under the Microsoft AutoUpdate user account.
disclosure
Statut de l'Exploit
EPSS
0.22% (percentile 44%)
CISA SSVC
Vecteur CVSS
The primary mitigation for CVE-2025-21360 is to upgrade Microsoft AutoUpdate to version 4.76 or later. If an immediate upgrade is not feasible due to compatibility issues or system downtime constraints, consider temporarily restricting the execution of AutoUpdate processes and carefully monitoring system logs for suspicious activity. While no specific WAF or proxy rules are applicable, ensuring that the system is generally hardened against unauthorized software installations can reduce the attack surface. After upgrading, confirm the successful update by verifying the AutoUpdate version number within the Microsoft AutoUpdate application.
Actualice Microsoft AutoUpdate a la versión 4.76 o posterior. La actualización se puede realizar a través de la propia aplicación Microsoft AutoUpdate o descargando la última versión desde el sitio web de Microsoft. Esto solucionará la vulnerabilidad de elevación de privilegios.
Analyses de vulnérabilités et alertes critiques directement dans votre boîte mail.
CVE-2025-21360 is a privilege escalation vulnerability affecting Microsoft AutoUpdate on macOS, allowing potential attackers to gain elevated system privileges.
You are affected if you are running Microsoft AutoUpdate on macOS versions 4.0.0 through 4.76. Upgrade to version 4.76 to mitigate the risk.
Upgrade Microsoft AutoUpdate to version 4.76 or later. If immediate upgrade is not possible, restrict AutoUpdate execution and monitor system logs.
Currently, there is no confirmed active exploitation of CVE-2025-21360, but the high CVSS score suggests a potential for future exploitation.
Refer to the official Microsoft Security Update Guide for CVE-2025-21360: [https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21360](https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21360)
Téléverse ton fichier de dépendances et découvre instantanément si cette CVE et d'autres te touchent.