Redmond Magazine

Azure AD Graphs Will Finally Be Retired in February

Microsoft on Thursday announced that Azure AD Graph APIs will stop processing application requests after Feb. 1. "Our next big milestone starts February 1st, when existing applications will be ...
腾讯网

CVE-2025-55241:CVSS 10.0分Microsoft Entra ID漏洞或危及全球所有租户

2025年最重大的安全发现之一,研究员Dirk-jan Mollema披露了Microsoft Entra ID(原Azure AD)中一个可能让攻击者入侵全球几乎所有租户的漏洞。该漏洞被追踪为(CVE-2025-55241),CVSS评分达10分,源于不安全的"Actor tokens"和传统Azure AD Graph API的验证缺陷。 Mollema表示:"使用 ...