Passwordless accounts rely on MS Authenticator or a security key for login.
Microsoft Azure silently install management agents on your Linux VMs, which now have RCE and LPE vulns.
Microsoft don’t have an auto update mechanism, so now you need to manually upgrade the agents you didn’t know existed as you didn’t install them. https://t.co/czavbvt8LT
— Kevin Beaumont (@GossiTheDog) September 14, 2021
There are many departments of government: IRS, CIA, DOL, FBI, FDA, OSHA, DOD, DOI, FTC, SEC, DOS, NSA, Facebook, LinkedIn, Twitter, Amazon, Microsoft….
— Jeffrey A Tucker (@jeffreyatucker) September 14, 2021
SOURCE: Ars Technica