vuln disclosure
CVE-2025-59497: TOCTOU Race Condition in Microsoft Defender for Endpoint on LinuxCVE-2025-59497
Microsoft disclosed CVE-2025-59497, a time-of-check time-of-use (TOCTOU) race condition in the Defender for Endpoint Linux agent. A local attacker with low privileges can trigger a denial-of-service condition, potentially disabling real-time protection and telemetry. A security update was released on October 14, 2025.