Tech News
Microsoft Copilot Studio Vulnerability Could Expose Sensitive Data
Microsoft’s AI flagship, Copilot Studio, was found to have a critical SSRF vulnerability that could potentially expose sensitive internal data to adversaries. Following a bug report, Microsoft promptly patched the flaw to ensure the security of its infrastructure.
SSRF Vulnerability Found In Microsoft Copilot Studio
A recent post from Tenable revealed a serious server-side request forgery (SSRF) vulnerability in Microsoft Copilot Studio.
Researchers discovered that a unique functionality of the tool allowed users to send HTTP requests as prompts. They tested this feature against Instance Metadata Service (IMDS) and Cosmos DB instances, eventually bypassing SSRF protection and accessing sensitive information.
The vulnerability, identified as CVE-2024-38206, received a critical severity rating and a CVSS score of 8.5. Tenable provided a detailed technical analysis of the vulnerability and its exploitation process.
Microsoft Patched The Vulnerability
Upon receiving the report from Tenable, Microsoft quickly addressed the vulnerability and credited the discovery to Evan Grant. The tech giant confirmed full mitigation in its advisory, requiring no action from users to receive the fix.
Share your thoughts in the comments section below.
Litehaus raises €1.46M pre-seed to build home-building platform
Lilo & Stitch Streaming, VOD, DVD And Blu-ray Release Dates
OpenAI to help UAE develop one of world’s biggest data centres: Report
Santander stays on Blue Jays bench in close game
Here’s a demo for Blades Of Fire, the new action-RPG from the Lords Of Shadow team
This Samsung Dolby Atmos soundbar combo is 57% off at Woot today
Google Pixel 9 Pro vs Samsung Galaxy S25 Ultra: Camera Comparison Review
FDA approves blood test that can help diagnose Alzheimer’s disease
Major Indian airports cut ties with Celebi following security clearance revocation, BA
This CPA Framework Quietly Makes Marketers Thousands Every Month
Singapore Airlines CEO set to join board of Air India, BA News, BA
Croatia to reintroduce compulsory military draft as regional tensions soar
Supernatural Season 16 Revival News, Cast, Plot and Release Date
Bangladeshi police agents accused of selling citizens’ personal information on Telegram
How Your Contact Center Can Become A Customer Engagement Center
Fallout Season 2 Potential Release Date, Cast, Plot and News
Bangladesh crisis: Refaat Ahmed sworn in as Bangladesh’s new chief justice
15 of the Best Trike & Tricycles Mums Recommend
Have Unlimited Korean Food at MANY Unlimited Topokki!
The Criterion Collection announces November 2024 releases, Seven Samurai 4K and more
-
Destination8 months agoSingapore Airlines CEO set to join board of Air India, BA News, BA
-
Breaking News10 months agoCroatia to reintroduce compulsory military draft as regional tensions soar
-
Gadgets4 months agoSupernatural Season 16 Revival News, Cast, Plot and Release Date
-
Tech News12 months agoBangladeshi police agents accused of selling citizens’ personal information on Telegram
-
Productivity11 months agoHow Your Contact Center Can Become A Customer Engagement Center
-
Gadgets4 weeks agoFallout Season 2 Potential Release Date, Cast, Plot and News
-
Breaking News10 months agoBangladesh crisis: Refaat Ahmed sworn in as Bangladesh’s new chief justice
-
Toys12 months ago15 of the Best Trike & Tricycles Mums Recommend