CVE-2026-45647

Time-of-check time-of-use toctou race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...

CVE-2026-45647

Time-of-check time-of-use toctou race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...

EUVD-2026-35571

Time-of-check time-of-use toctou race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...

PT-2026-48010

Name of the Vulnerable Software and Affected Versions Microsoft Defender for Endpoint for Mac affected versions not specified Description A time-of-check time-of-use TOCTOU race condition occurs in Microsoft Defender for Endpoint. This is a software bug where a system checks a condition such as a...

Microsoft Defender for Endpoint 安全漏洞

Microsoft Defender for Endpoint is an enterprise endpoint security platform provided by Microsoft Corporation in the United States. It helps protect against advanced persistent threats. There are security vulnerabilities in Microsoft Defender for Endpoint. Attackers can exploit these...

CVE-2026-21537 Microsoft Defender for Endpoint Linux Extension Remote Code Execution Vulnerability

...

CVE-2026-21537

Technical details such as affected product versions, root cause, exploit methods, and patches are not provided in the supplied documents. Monitor for updates and new disclosures.

Microsoft Defender for Endpoint Linux Extension Remote Code Execution Vulnerability

Improper control of generation of code 'code injection' in Microsoft Defender for Linux allows an unauthorized attacker to execute code over an adjacent network...

November 11, 2025—KB5068787 (OS Build 20348.4405)

November 11, 2025—KB5068787 OS Build 20348.4405 This cumulative update for Windows Server 2022 KB5068787, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates,...

Microsoft ranked number one in modern endpoint security market share third year in a row

Amidst the backdrop of a surging number of ransomware campaigns worldwide, organizations have increasingly chosen Microsoft Defender’s endpoint security as their preferred solution. It’s engineered to disrupt cyberattacks and not business continuity. As a result, for a third year a row, Microsoft...

Trend Vision One Integrates Microsoft Defender for Endpoint

Discover how Trend Vision One integrates with Microsoft Defender for Endpoint to unify visibility, close security gaps, and accelerate risk mitigation - maximizing protection without replacing existing tools...

CVE-2025-47161

Improper access control in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...

Microsoft Defender for Endpoint 访问控制错误漏洞

Microsoft Defender for Endpoint is an enterprise endpoint security platform from Microsoft Corporation USA that helps defend against advanced persistent threats. An access control error vulnerability exists in Microsoft Defender for Endpoint that stems from an elevation of privilege vulnerability...

The vulnerability of Microsoft Defender for Endpoint on Linux operating systems, related to improper external management of file names or paths, allows attackers to escalate their privileges.

The vulnerability of Microsoft Defender for Endpoint on Linux operating systems is related to incorrect external management of file names or file paths. Exploiting this vulnerability can allow attackers to increase their privileges...

Vulnerabilities fixed in Microsoft Defender

Microsoft has fixed vulnerabilities in Defender for Endpoint and Defender for Identity. A malicious party could exploit the vulnerabilities to impersonate another user and assign themselves elevated privileges, enabling execution of arbitrary code with SYSTEM privileges. For successful...

CVE-2025-26684

External control of file name or path in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally...

The vulnerability of the Global Search technology implemented by Microsoft Defender for Endpoint on the Microsoft Windows operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Microsoft Defender for Endpoint operating system’s Global Search technology is related to deficiencies in the indexing mechanism. Exploiting this vulnerability can allow an attacker, working remotely, to gain unauthorized access to protected information...

CVE-2024-49057

Microsoft Defender for Endpoint on Android Spoofing Vulnerability...

PT-2024-9383 · Microsoft · Defender For Endpoint

Name of the Vulnerable Software and Affected Versions: Microsoft Defender for Endpoint on Android affected versions not specified Description: The issue is related to insufficient input validation, which can allow a remote attacker to conduct spoofing attacks. Recommendations: At the moment, ther...

Unlock 24/7 SOC Coverage: Rapid7 MXDR Now Supports with Microsoft Security Products

In today’s complex threat landscape, organizations need every advantage at their disposal to stay secure–starting with maximizing the tools they already have within their ecosystem. With the launch of Rapid7 MXDR’s SOC support for key Microsoft security products, we’re making it possible for...