What’s new in the MSRC Report Abuse Portal and API

Toward greater transparency: Unveiling Cloud Service CVEs 

Mitigating SSRF Vulnerabilities Impacting Azure Machine Learning

Improved Guidance for Azure Network Service Tags

Congratulations to the Top MSRC 2024 Q1 Security Researchers! 

Summary Summary Microsoft recently mitigated a set of cross-site scripting vulnerabilities affecting Azure Bastion and Azure Container Registry (ACR). Exploitation of these vulnerabilities could have potentially allowed for an unauthorized user to gain access to a target user’s session within the compromised Azure service, and subsequently lead to data tampering or resource modification.

Headline

Microsoft mitigates set of cross-site scripting (XSS) vulnerabilities in Azure Bastion and Azure Container Registry

msrc-blog: Latest News