You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve 2025 59199
About this tag
CVE-2025-59199 is a high-severity vulnerability in Windows that Microsoft patched in October 2025. The flaw, disclosed by SafeBreach Labs and dubbed Click Or Trick, involves a sandbox escape chain in Windows 11 where a low-integrity process can escalate privileges through spoofed toast notifications, COM activation, and components like Snipping Tool and Teams. Microsoft also fixed a related elevation-of-privilege issue in the Software Protection Platform (SPP) under the same CVE. Discussions on WindowsForum cover the exploit's technical details, the patch's impact, and the broader security implications of convenience features becoming attack surfaces.
SafeBreach Labs disclosed that Windows 11 contained a sandbox escape flaw, tracked as CVE-2025-59199 and patched by Microsoft on October 14, 2025, that let a low-integrity process break out through a spoofed notification click and chained Windows components. The important part is not that one...
SafeBreach Labs uncovered a Windows 11 sandbox escape vulnerability dubbed Click Or Trick, reported by IT Brief Asia and tracked as CVE-2025-59199, that Microsoft fixed in October 2025 after researchers showed a one-click chain from low-integrity code to higher-integrity execution. The finding...
Microsoft’s October 2025 security update patches a high‑severity elevation‑of‑privilege flaw in the Software Protection Platform (SPP) tracked as CVE‑2025‑59199, an improper access control vulnerability that Microsoft says could let an authorized local user escalate to higher privileges if left...