Securing AI and Cloud with the Zero Day Quest

Toward greater transparency: Publishing machine-readable CSAF files

Congratulations to the Top MSRC 2024 Q3 Security Researchers!

Announcing the BlueHat 2024 Sessions 

Announcing BlueHat 2024: Call for Papers now open 

Summary Summary Microsoft recently mitigated a set of cross-site scripting vulnerabilities affecting Azure Bastion and Azure Container Registry (ACR). Exploitation of these vulnerabilities could have potentially allowed for an unauthorized user to gain access to a target user’s session within the compromised Azure service, and subsequently lead to data tampering or resource modification.

Headline

Microsoft mitigates set of cross-site scripting (XSS) vulnerabilities in Azure Bastion and Azure Container Registry

msrc-blog: Latest News