Tech News
Microsoft Copilot Studio Vulnerability Could Expose Sensitive Data
Microsoft’s AI flagship, Copilot Studio, was found to have a critical SSRF vulnerability that could potentially expose sensitive internal data to adversaries. Following a bug report, Microsoft promptly patched the flaw to ensure the security of its infrastructure.
SSRF Vulnerability Found In Microsoft Copilot Studio
A recent post from Tenable revealed a serious server-side request forgery (SSRF) vulnerability in Microsoft Copilot Studio.
Researchers discovered that a unique functionality of the tool allowed users to send HTTP requests as prompts. They tested this feature against Instance Metadata Service (IMDS) and Cosmos DB instances, eventually bypassing SSRF protection and accessing sensitive information.
The vulnerability, identified as CVE-2024-38206, received a critical severity rating and a CVSS score of 8.5. Tenable provided a detailed technical analysis of the vulnerability and its exploitation process.
Microsoft Patched The Vulnerability
Upon receiving the report from Tenable, Microsoft quickly addressed the vulnerability and credited the discovery to Evan Grant. The tech giant confirmed full mitigation in its advisory, requiring no action from users to receive the fix.
Share your thoughts in the comments section below.
Sports: Renovations gets release date in March
AMD admits the Ryzen 9 9950X3D may not be faster than the 9800X3D in gaming
Roborock Qrevo Curv robot vac review: Handles steps but not cables
Afghans fleeing Taliban appeal to Trump to exempt them from order suspending refugee relocation
3 Simple Steps to Stop Comparing Yourself to Other People
101 Funny Love Quotes for Laughs, Positive Vibes and Less Stress
Ontario faces calls to dedicate surplus land for long-term care homes to non-profits
SMITE 2 showcases its newest additions with the Wandering Market and new god Cabrakan
Google Responds to Developer Concerns About Long-term Commitment to Android XR
Air Fryer Cooking: 3 Healthy Eating Tips to Try
Singapore Airlines CEO set to join board of Air India, BA News, BA
Bangladeshi police agents accused of selling citizens’ personal information on Telegram
The Top 20 Motivational Instagram Accounts to Follow (2024)
Satisfy Your Meat and BBQ Cravings While in Texas
Soccer team’s drone at center of Paris Olympics spying scandal
15 Best Magnetic Tile Race Tracks for Kids!
Have Unlimited Korean Food at MANY Unlimited Topokki!
Croatia to reintroduce compulsory military draft as regional tensions soar
The Criterion Collection announces November 2024 releases, Seven Samurai 4K and more
15 of the Best Trike & Tricycles Mums Recommend
-
Destination4 months agoSingapore Airlines CEO set to join board of Air India, BA News, BA
-
Tech News8 months agoBangladeshi police agents accused of selling citizens’ personal information on Telegram
-
Motivation7 months agoThe Top 20 Motivational Instagram Accounts to Follow (2024)
-
Guides & Tips6 months ago
Satisfy Your Meat and BBQ Cravings While in Texas
-
Tech News6 months agoSoccer team’s drone at center of Paris Olympics spying scandal
-
Toys6 months ago15 Best Magnetic Tile Race Tracks for Kids!
-
Guides & Tips6 months ago
Have Unlimited Korean Food at MANY Unlimited Topokki!
-
Breaking News5 months agoCroatia to reintroduce compulsory military draft as regional tensions soar