CVE-2025-59489: MITRE: CVE-2025-59489 Unity Gaming Engine Editor vulnerability

Overview

Severity: High (CVSS 8.4)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Category: Elevation of Privilege
Exploit Status: Not Exploited
Patch Tuesday: 2025-Oct
Released: 2025-10-03
Last Updated: 2025-10-07
EPSS Score: 0.01% (percentile: 3.0%)

Description

Unity announced a security vulnerability (CVE-2025-59489) that is affecting games or applications built with the Unity Gaming Engine Editor (version 2017.1 or later). You may be using a Microsoft app or playing a Microsoft game that should be uninstalled until an update is available. We are working to update games and applications that are potentially affected by this Unity vulnerability. In most cases, you can stay safe by ensuring your games and applications are up to date and Microsoft Defender is running on your device.

If you have downloaded a vulnerable game or app (see list below) on one of the following platforms, you could be at risk:

  • Android
  • Windows
  • Linux (Desktop)
  • Linux (embedded)
  • MacOS

We have confirmed the following are not impacted:

  • Xbox consoles
  • Xbox Cloud Gaming
  • iOS
  • HoloLens

Recommended Next Steps:

For Developers: Unity has made a fix available to developers. Organizations who believe that they have an app or game that might be impacted should reference Unity guidance and update their apps/games as soon as possible. You can learn more from Unity here.

For Players and Customers: Microsoft security and game development teams are working to update any game or application that is potentially affected by this Unity vulnerability. If a Microsoft-owned game or application is not listed and you have installed all available updates, no further action is required. For customers who have automatic updates enabled, fixes will be deployed as they become available. If you have automatic updates turned off, please check to see if you have any updates available for your downloaded apps and games and install the latest update on your device.

Customers who have an impacted app or game installed (see below list) are encouraged to take these steps:

  • Temporarily uninstall any impacted Microsoft apps or games until an update is available. For more guidance on how to uninstall, please see the FAQs below.
  • Use an up-to-date version of Microsoft Defender to detect and block attempts to exploit this vulnerability.
  • Follow guidance from Unity or your platform provider.

Microsoft-owned games and apps affected by this vulnerability and their requisite updates are documented in the Security Updates Table.

For Microsoft Mesh Apps Users

In response to this CVE that is affecting applications built with the Unity Gaming Engine Editor (version 2017.1 or later), Microsoft has released a required security update for the Microsoft Mesh PC applications. We strongly encourage all users with the Microsoft Mesh apps installed on their devices to promptly update to the latest version of these apps, version 5.2513.3.0 or greater. If you have automatic updates enabled for these apps on all devices, no further action is required.

While we do not expect this to affect the functionality of any previously-scheduled events in Microsoft Mesh, use of the immersive spaces in Microsoft Teams meetings, or immersive events in Microsoft Teams, users will be required to update the Mesh PC apps before joining newly scheduled events in Mesh. We are informing you of this now so that you can mitigate any disruptions this may introduce to your events.

FAQ

Why are there no links to updates in the Security Updates Table?

This document will be updated with more information as it becomes available. We recommend allowing automatic updates for the apps on your platform.

I am using an impacted game or app, what should I do?

You should uninstall the impacted application until an update is available. Updates are being released regularly; you can check this page to see if the impacted application has been removed from the “Updates in Progress” list above or check for available updates on your device. We also encourage customers to subscribe to Security Update Guide notifications to be alerted of updates for impacted games/apps. This Advisory and the related CVE will be updated with new information as needed and will link to any future security updates released.

How do I check for and install updates for my games or apps?

Windows customers can learn more here. If you are using another platform, please refer to their guidance.

How do I uninstall an impacted game or application?

To uninstall an app or game on Windows, press the Windows logo key on your keyboard or toolbar, and then enter settings in the search bar. Select Settings from the results, and then go to Apps > Apps & features or Installed apps, depending on your version of Windows. If you're on a Windows 10 device, choose the game that you want to uninstall from the list and then select Uninstall two times. On Windows 11, select the More actions button (“…”), and then select Uninstall two times.

How do I know if my game is impacted?

You can review the above list for impacted Microsoft titles. If the game you are playing is not listed and you have installed all available security updates, no further action is required. The above list is only represen

Affected Products (30)

Apps

  • Avowed Artbook
  • DOOM: Dark Ages Companion App
  • Fallout Shelter
  • Ghostwire Tokyo Prelude
  • Knights and Bikes
  • Pillars of Eternity II: Deadfire
  • Pillars of Eternity II: Deadfire - Ultimate Edition
  • Pillars of Eternity: Definitive Edition
  • Pillars of Eternity: Hero Edition
  • Starfield Companion App
  • The Bard's Tale Trilogy
  • The Elder Scrolls IV: Oblivion Remastered Companion App
  • The Elder Scrolls: Blades
  • The Elder Scrolls: Castles
  • Warcraft Rumble
  • Wasteland 3
  • Wasteland Remastered
  • DOOM (2019)
  • DOOM II (2019)
  • Forza Customs
  • Gears POP!
  • Halo Recruit
  • Mighty Doom
  • The Elder Scrolls: Legends
  • Zoo Tycoon Friends
  • Microsoft Mesh for Meta Quest
  • Grounded 2 Artbook
  • Hearthstone
  • Pillars of Eternity
  • Microsoft Mesh PC Applications

Security Updates (2)

Revision History

  • 2025-10-03: Information published.
  • 2025-10-07: The following updates have been made to CVE-2025-59489: 1) In the Security Updates table, added Microsoft Mesh and Microsoft Mesh for Meta Quest as they are affected by this vulnerability. 2) Further, to comprehensively address this vulnerability, Microsoft has released the 5.2514 build for these applications. Microsoft recommends that customers install the updates to be fully protected from the vulnerability. Customers whose systems are configured to receive automatic updates do not need to take any further action.