A recent investigation by security researchers has identified a significant flaw within Microsoft Entra, the company’s cloud-based identity and access management service. The researchers discovered a complex configuration that allows for potential unauthorized access to user data. Specifically, the vulnerability stems from outdated legacy systems and critical components within the Entra platform. This issue could potentially allow attackers to gain access to any user’s account, raising concerns about data security. Microsoft has announced a patch is available to mitigate this risk. The researchers are working with Microsoft to further assess the vulnerability and implement a solution.
Credits: Latest from TechRadar
