VMTech · Instagram

Microsoft fixes Entra ID vulnerability enabling service principal takeover


Colleagues, a cybersecurity alert: Microsoft has remediated an Entra ID vulnerability.

What was found: Silverfort reported that the Agent ID Administrator role could become owner of arbitrary service principals and add credentials.

Risk: full service-principal takeover and privilege escalation where privileged roles or broad Microsoft Graph permissions exist.

Fix: the issue was disclosed on 1 March and Microsoft released a patch on 9 April; an attempt to assign an owner to a non-agent service principal now returns 'Forbidden'.

Recommendations: monitor assignments to sensitive roles, track changes to service principal owners, and audit every creation of service principal credentials.
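One way to turn these three recommendations into a detection is to correlate Entra ID audit-log events: an owner being added to a service principal followed shortly by a new credential on that same principal is exactly the takeover chain described above, and any grant of a sensitive role deserves its own alert. The script below is an added example written for this post; it is not code from VMTech or Microsoft. It runs over a constructed sample in a simplified one-JSON-object-per-line schema (fields `time`, `activity`, `actor`, `target`, `detail`), and the activity names and the sensitive-role list are assumptions to confirm against your own tenant's audit log.

```python
import json
from datetime import datetime, timedelta

# Activity names assumed to match the activityDisplayName values Entra ID
# writes to its audit log; confirm them against your own tenant before use.
OWNER_ADDED = "Add owner to service principal"
CRED_ADDED = "Add service principal credentials"
ROLE_ADDED = "Add member to role"

# Roles whose assignment should always be reviewed (assumed list; extend it).
SENSITIVE_ROLES = {
    "Global Administrator",
    "Privileged Role Administrator",
    "Application Administrator",
    "Agent ID Administrator",
}

# A credential added this long after an owner change still counts as part of the chain.
CHAIN_WINDOW = timedelta(hours=24)

# Constructed sample log (simplified schema, not real tenant data). The first
# three lines are an owner -> credential -> role chain; the sp-hr-export lines
# are an owner change with a credential added three days later; the last line is noise.
SAMPLE_AUDIT_LOG = """\
{"time": "2025-04-01T08:00:00Z", "activity": "Add owner to service principal", "actor": "agentadmin@contoso.example", "target": "sp-billing-sync", "detail": "owner=agentadmin@contoso.example"}
{"time": "2025-04-01T08:07:30Z", "activity": "Add service principal credentials", "actor": "agentadmin@contoso.example", "target": "sp-billing-sync", "detail": "password"}
{"time": "2025-04-01T09:15:00Z", "activity": "Add member to role", "actor": "agentadmin@contoso.example", "target": "sp-billing-sync", "detail": "Global Administrator"}
{"time": "2025-04-02T10:00:00Z", "activity": "Add owner to service principal", "actor": "appowner@contoso.example", "target": "sp-hr-export", "detail": "owner=appowner@contoso.example"}
{"time": "2025-04-05T10:00:00Z", "activity": "Add service principal credentials", "actor": "appowner@contoso.example", "target": "sp-hr-export", "detail": "certificate"}
{"time": "2025-04-03T12:00:00Z", "activity": "Update user", "actor": "helpdesk@contoso.example", "target": "jdoe@contoso.example", "detail": "phone"}
"""


def parse_audit_log(ndjson):
    """Parse one JSON object per line into dicts with a datetime 'time', sorted by time."""
    events = []
    for line in ndjson.splitlines():
        line = line.strip()
        if not line:
            continue
        rec = json.loads(line)
        rec["time"] = datetime.strptime(rec["time"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(rec)
    return sorted(events, key=lambda e: e["time"])


def find_takeover_chains(events, window=CHAIN_WINDOW):
    """Flag a credential added to a service principal within `window` after an owner was added to it."""
    owner_adds = {}
    for e in events:
        if e["activity"] == OWNER_ADDED:
            owner_adds.setdefault(e["target"], []).append(e)

    findings = []
    for e in events:
        if e["activity"] != CRED_ADDED:
            continue
        for owner_event in owner_adds.get(e["target"], []):
            gap = e["time"] - owner_event["time"]
            if timedelta(0) <= gap <= window:
                findings.append({
                    "service_principal": e["target"],
                    "owner_added_by": owner_event["actor"],
                    "credential_added_by": e["actor"],
                    "credential_type": e["detail"],
                    "minutes_between": gap.total_seconds() / 60,
                })
    return findings


def find_sensitive_role_grants(events, sensitive=SENSITIVE_ROLES):
    """Return every role assignment whose role is in the sensitive set."""
    return [
        {"actor": e["actor"], "member": e["target"], "role": e["detail"], "time": e["time"]}
        for e in events
        if e["activity"] == ROLE_ADDED and e["detail"] in sensitive
    ]


if __name__ == "__main__":
    evs = parse_audit_log(SAMPLE_AUDIT_LOG)
    for f in find_takeover_chains(evs):
        print("TAKEOVER CHAIN:", f)
    for g in find_sensitive_role_grants(evs):
        print("SENSITIVE ROLE GRANT:", g)
```

On the sample the owner change on sp-billing-sync is followed by a password credential 7.5 minutes later and is reported as a chain, while sp-hr-export falls outside the 24-hour window and is not; the Global Administrator grant is reported separately. Tune the window to your tenant's normal change cadence, and treat a credential added by the same account that just made itself owner as the highest-priority case.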

Why it matters: SP ownership permits actions within the principal's privileges, so owner control is critical.

What measures have you implemented to protect your SPs?

#cybersecurity #EntraID #cloudsecurity
