Microsoft has patched a local privilege escalation vulnerability in Defender for Endpoint on macOS that could allow an attacker with a foothold on a Mac to seize higher system rights. The company issued the fix in June 2026 but only publicly confirmed the CVE on July 14, leaving a window where unpatched devices were vulnerable without their admins’ knowledge. Every Mac running Microsoft Defender for Endpoint needs to be on agent build 101.26042.0020 or newer to close the hole.
The Fix Arrived Before the World Knew About It
The vulnerability, tracked as CVE-2026-56178, exists in all Defender for Endpoint agent builds for macOS earlier than 101.26042.0020. Microsoft’s Security Update Guide lists the issue as a time-of-check/time-of-use (TOCTOU) race condition—classified as CWE-367—with a CVSS 3.1 base score of 5.5. That rating reflects the requirement that an attacker already have local, low-privileged access to the target Mac; no user interaction is needed, and there’s no remote attack path.
Microsoft’s June 2026 Defender for Endpoint release for macOS, build 101.26042.0020, contains the remediation. The corresponding application version is 20.126042.20.0, engine version 1.1.26040.3000, and security intelligence version 1.453.151.0. The July 2026 build, 101.26052.0016 (app version 20.126052.16.0), supersedes it. While Microsoft’s release notes for these updates mention only generic “security and critical updates,” the public advisory confirms that the June update is the minimum fixed baseline.
This timeline means organizations that updated their Mac fleets between June and mid-July were already protected, albeit unknowingly. Those that delay updating their security tools for weeks—a practice that is all too common—may have been sitting ducks.
What This Means for Your Mac—and Your Organization
If you’re an individual Mac user who relies on Microsoft Defender for Endpoint as part of a corporate security program, the news is straightforward: you likely have nothing to do if your IT department pushes updates automatically. However, you can verify your protection with a quick Terminal command. If you’re an IT administrator managing a mixed Windows and macOS fleet, the CVE is a call to audit every Mac, not just glance at a console dashboard.
For the Home or BYOD User
On a personally owned Mac that runs Defender for Endpoint (typically via employer policy), the Microsoft AutoUpdate tool should handle updates automatically. Apple’s macOS security model makes it unlikely that an attacker can exploit this flaw remotely; they’d need to be logged in locally with a restricted account. Still, you can check which agent version is installed:
mdatp health --field app_version
If the number shown is 20.126042.20.0 or higher, you’re safe. If it’s lower, you can force a manual update:
cd /Library/Application\ Support/Microsoft/MAU2.0/Microsoft\ AutoUpdate.app/Contents/MacOS
./msupdate --install --apps wdav00
Even if you see current security intelligence updates, that doesn’t guarantee the underlying agent code has been patched—a crucial distinction Microsoft warns about.
For IT Administrators
For teams managing corporate Macs, the real risk is process failures. Many organizations use Microsoft Intune or Jamf Pro to deploy Defender for Endpoint, but silently falling behind on agent updates is easy. Several factors can cause this:
- Devices that are frequently offline.
- Restrictive egress rules that block Microsoft AutoUpdate.
- Pre-release or staggered update channels that leave some machines on older builds.
- The default six-month expiration of Defender for Endpoint agents on macOS, after which they may still receive signature updates but stop getting application fixes.
A Mac that appears compliant in the Microsoft 365 Defender portal because its security intelligence is current may actually be running a vulnerable agent version. Administrators must query the device fleet directly—not rely solely on aggregate portal reports.
The following steps are essential:
- Inventory every Mac with Defender for Endpoint. Use your MDM solution to poll installed agent versions.
- Mark any device below
20.126042.20.0as noncompliant. Do not confuse the application version with the platform build (101.26042.0020); both indicate the same patch level but are reported differently depending on the tool. - Deploy the latest production release. Unless you have a specific compatibility need for the June build, push the July 2026 update (or later) to all clients.
- Verify the agent expiration date. Run
mdatp health --field product_expirationon a sample of devices. If the date is within a few months, the agent may soon stop receiving programmatic updates entirely, even though it keeps downloading signatures. - Set up proactive alerting. In Intune, create a compliance policy that flags any macOS device where Defender for Endpoint’s app version falls below the minimum required. In Jamf Pro, use smart groups to detect outdated agents and trigger automatic update workflows.
A single overlooked device is all an attacker needs. Given that Defender for Endpoint runs with elevated permissions on macOS—it integrates deeply with Apple’s system extension framework—a compromised agent could provide an attacker with the keys to disable security controls, steal data, or establish persistence.
How We Got Here: Defender’s Expanding Surface
Microsoft Defender for Endpoint began as a Windows-only product, but its macOS agent has been available since 2019. Today, it’s a critical piece of security infrastructure in many enterprises that have embraced Macs alongside PCs. The agent’s privileged position—monitoring file access, analyzing process behavior, and interfacing with macOS kernel extensions—makes it a high-value target.
This CVE is a classic race condition: the software validates a resource (like a file path or permission) at one moment, then acts on that resource later, without rechecking it. An attacker who can exploit the gap between “check” and “use” can trick the privileged component into operating on something it didn’t intend. Microsoft hasn’t revealed the exact component or a proof-of-concept, but the pattern is well understood.
The security community’s response has been measured. The National Vulnerability Database gives it a “none” for exploitation status, and CISA’s SSVC decision tree rates automation as “no.” That doesn’t mean the flaw is harmless—only that there’s no public evidence of active attacks or an easily mass-exploitable condition. But as with any local privilege escalation, it becomes dangerous when chained with another vulnerability that provides initial access.
The delay between the June fix and July advisory is typical for Microsoft: they often patch vulnerabilities months before publishing CVEs to give customers time to deploy updates quietly. The risk is that many organizations ignore “routine” Defender updates because they perceive them as signature tweaks rather than application patches. This CVE is a reminder that the Defender client itself requires the same rigorous patch management as any other software.
What to Do Right Now
Whether you’re a user or an admin, the action item is the same: confirm you’re on a fixed build. The table below summarizes the version numbers you need.
| Platform | Minimum Required Build | Latest Recommended Build | How to Check |
|---|---|---|---|
| macOS (Defender) | 101.26042.0020 | 101.26052.0016 | mdatp health --field app_version |
If your agent is outdated, update it immediately via Microsoft AutoUpdate or your MDM. Then, set a recurring calendar task to audit Defender versions across all platforms—not just Windows—at least monthly.
Outlook: The Threat Is Latent, Not Active—But Don’t Wait
No in-the-wild attacks using CVE-2026-56178 have been documented yet. That’s good news, but it’s also temporary. Attackers can reverse-engineer patches to develop exploits within days of a disclosure. Since Microsoft didn’t publicize the flaw until weeks after the fix went out, the safe window is already closing.
More broadly, this CVE underscores a trend: as Microsoft’s security products stretch across platforms, they inherit the same patch-management debt that plagues every other application. Windows admins who meticulously track KB numbers and Patch Tuesday updates often have less rigorous processes for their Mac fleets. A single vulnerability in a cross-platform tool can be the chink that breaks an otherwise well-defended environment.
Watch for any signs that this CVE has been weaponized. If Microsoft or third-party researchers publish a proof-of-concept, the priority level will jump from “patch soon” to “drop everything and deploy now.” Until then, the urgency is moderate—but the fix is trivial, so there’s little reason to delay.