Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers.
The top three researchers of the 2022 Q3 Security Researcher Leaderboard are: Zhiyi Zhang , Yuki Chen , and Dang The Tuyen! Check out the full list of researchers recognized this quarter here.
Category: Uncategorized
Community support for Node 16 LTS is ending on 11 September 2023
Community support for Node 16 LTS is ending on 11 September 2023 – transition to Node 18 LTS by that date.
App Service Environment version 1 and version 2 will be retired on 31 August 2024
Migrate to App Service Environment version 3 by 31 August 2024.
Community support for PHP 8.0 is ending on 26 November 2023
Community support for PHP 8.0 is ending on 26 November 2023 – transition to PHP 8.1 by that date.
Continuous delivery setting of Azure VMSS will be retired on 31 March 2023 – Use Azure DevOps to create pipelines
Start using Azure Pipelines by 31 March 2023 instead of Azure Portal to create Continuous delivery pipelines for Azure Virtual Machine Scale Set
Cloud Services (classic) deployment model is retiring on 31 August 2024
Migrate your cloud services to a new deployment model before 31 August 2024.
General availability: Azure Premium SSD v2 Disk Storage
Premium SSD v2 is the next generation Azure Premium SSD Disk Storage. It offers the most advanced general-purpose block storage solution with the best price-performance.
General availability: OpenTelemetry exporter for Azure Data Explorer
Azure Data Explorer now supports ingestion of data from many receivers via the OpenTelemetry exporter.
Awareness and guidance related to potential Service Fabric Explorer (SFX) v1 web client risk
Summary Summary Microsoft was recently made aware of a Cross-Site Scripting (XSS) vulnerability (CVE-2022-35829), that under limited circumstances, affects older versions of Service Fabric Explorer (SFX). The current default SFX web client (SFXv2) is not vulnerable to this attack. However, customers can manually switch from the default web client (SFXv2) to an older vulnerable SFX web client version (SFXv1).
Investigation Regarding Misconfigured Microsoft Storage Location
October 28, 2022 update: Added a Customer FAQ section.
Summary Summary Security researchers at SOCRadar informed Microsoft on September 24, 2022, of a misconfigured Microsoft endpoint. This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective customers, such as the planning or potential implementation and provisioning of Microsoft services.