Microsoft 365 Alert – Service Degradation –  Microsoft Defender XDR – Admins may be provided incorrect recommendations for three vulnerabilities in Microsoft Defender for Endpoint – RESOLVED

28/08/2025 09:28:00 AM

NHSmail Reference: INC46614383

Microsoft Reference: DZ1143229

Issue Status: RESOLVED

Issue Description: Admins may be provided incorrect recommendations for three vulnerabilities in Microsoft Defender for Endpoint.

More info: Admins may be recommended to apply patches for the vulnerabilities listed below when there’s no need to patch them:
CVE-2025-55229
CVE-2025-55230
CVE-2025-55231

Final Update: 29/08/2025 08:33:00 AM – Microsoft have successfully monitored the Microsoft Defender for Endpoint service and confirmed that all inaccurate recommendations have been rescinded. Following a thorough review of the affected environment, they can confirm that no further impact is occurring.

Scope of impact: Any admin may see incorrect recommendations for three vulnerabilities in Microsoft Defender for Endpoint.

Root cause: Inaccurate data was provided to Microsoft Defender for Endpoint, which caused incorrect recommendations to be provided for three vulnerabilities.

Next Steps: Microsoft are analyzing the data on the Microsoft Defender for Endpoint affected infrastructure to help prevent this problem from happening again.