Tech News
Microsoft Copilot Studio Vulnerability Could Expose Sensitive Data
Microsoft’s AI flagship, Copilot Studio, was found to have a critical SSRF vulnerability that could potentially expose sensitive internal data to adversaries. Following a bug report, Microsoft promptly patched the flaw to ensure the security of its infrastructure.
SSRF Vulnerability Found In Microsoft Copilot Studio
A recent post from Tenable revealed a serious server-side request forgery (SSRF) vulnerability in Microsoft Copilot Studio.
Researchers discovered that a unique functionality of the tool allowed users to send HTTP requests as prompts. They tested this feature against Instance Metadata Service (IMDS) and Cosmos DB instances, eventually bypassing SSRF protection and accessing sensitive information.
The vulnerability, identified as CVE-2024-38206, received a critical severity rating and a CVSS score of 8.5. Tenable provided a detailed technical analysis of the vulnerability and its exploitation process.
Microsoft Patched The Vulnerability
Upon receiving the report from Tenable, Microsoft quickly addressed the vulnerability and credited the discovery to Evan Grant. The tech giant confirmed full mitigation in its advisory, requiring no action from users to receive the fix.
Share your thoughts in the comments section below.
The Truth About Cycle Touring
India, Nepal ink 10 MoUs worth Nepalese Rs.625 million for community development projects
The Nintendo Switch 2 Direct will be about an hour long, big Ninty confirms, and you can watch it here
Researchers suggest OpenAI trained AI models on paywalled O’Reilly books
Turnovers sink Winnipeg Jets in 4-1 loss in Los Angeles – Winnipeg
Grab this $449 Philips soundbar with Dolby Atmos for just $98 on clearance at Walmart
NY Sirens upset Montreal Victoire to keep PWHL playoffs hopes alive
Goat Simulator 3 gets a big new free update with Gifts from the Rifts and a plushie goat
Earth takes on ‘eyeball’ vibes from space
The ASUS ROG Flow Z13 is the gaming tablet I didn’t know I needed
Singapore Airlines CEO set to join board of Air India, BA News, BA
Croatia to reintroduce compulsory military draft as regional tensions soar
Bangladeshi police agents accused of selling citizens’ personal information on Telegram
Bangladesh crisis: Refaat Ahmed sworn in as Bangladesh’s new chief justice
The Criterion Collection announces November 2024 releases, Seven Samurai 4K and more
15 Best Magnetic Tile Race Tracks for Kids!
15 of the Best Trike & Tricycles Mums Recommend
Have Unlimited Korean Food at MANY Unlimited Topokki!
Soccer team’s drone at center of Paris Olympics spying scandal
Satisfy Your Meat and BBQ Cravings While in Texas
-
Destination6 months agoSingapore Airlines CEO set to join board of Air India, BA News, BA
-
Breaking News8 months agoCroatia to reintroduce compulsory military draft as regional tensions soar
-
Tech News10 months agoBangladeshi police agents accused of selling citizens’ personal information on Telegram
-
Breaking News8 months agoBangladesh crisis: Refaat Ahmed sworn in as Bangladesh’s new chief justice
-
Gaming8 months agoThe Criterion Collection announces November 2024 releases, Seven Samurai 4K and more
-
Toys8 months ago15 Best Magnetic Tile Race Tracks for Kids!
-
Toys10 months ago15 of the Best Trike & Tricycles Mums Recommend
-
Guides & Tips8 months ago
Have Unlimited Korean Food at MANY Unlimited Topokki!