Microsoft has published an advisory identifying CVE-2025-55317, a local elevation-of-privilege flaw in Microsoft AutoUpdate (MAU) caused by improper link resolution before file access — commonly described as a link-following or symlink/junction weakness — that can allow an authorized local...
cve-2025-55317
cybersecurity
endpoint security
hardening
link following
local exploit
macos
mau
microsoft autoupdate
msrc
patch management
privilege escalation
privilege management
reparse point
security advisory
symlink
threat detection
update agent
vulnerability