Microsoft on Monday announced that she had moved the Microsoft (MSA account) service service on Azure Convidential Virtual Machines (VMS) and that it is also in the process of migration of the Signing ID Entra.
The disclosure of information occurs seven months after the technological giant – Note It has completed the Microsoft Entra ID and MS updates for both public and government clouds to create, storage and automatic turning key signing marker Accent using Azure Managed Amail (HSM) service.
“Each of these improvements helps to mitigate the vectors we suspect that the actor used in the attack on Storm-0558 on Microsoft,” Charlie Bell, Executive Vice President on Microsoft Security, – Note In a message that shared with Hacker News on the eve of the publication.
Microsoft also noted that 90% identity tokens from Microsoft Entra ID for Apps Microsoft has been confirmed by a hardened identity development set (SDK) and that 92% of employee performance accounts are now using phishing resistant multifactal authentication
In addition to isolation of production systems and the implementation of two -year security policy, the company also stated that it protects 81% of production codes using the Foreign Ministry through checking checks.
“To reduce the risk of lateral motion, we pilot a project to move work processes and customer support scripts to a specialized tenant,” it added. “The basic security lines are executed for all types of Microsoft tenants, and the new system of tenants automatically register new tenants in our emergency response system.”
The changes are part of its safe future initiative (Sfi(
Last year, SFI acquired a craving in response to the US Security Council report (CSRB), which criticize The technological giant for a number of errors that can be avoided, which has led to a violation of nearly two dozen companies across Europe and the US, founded in China a national group called Storm-0558 in 2023.
Microsoft, in July 2023, showed that A Error verification In its source code, it is allowed to provide Azure Active Directory (Azure AD) or Entra ID tokens that will be faked with thunderstorms-0558 using the MSA key to sign up multiple organizations and receiving unauthorized access to the subsequent use of post office.
Company also at the end of last year launch Windows sustainability initiative to increase safety and reliability and avoid causing system disruptions as what happened during the shameful Crowdstrike Update Inters In July 2024.
This includes a feature called Quick Machine Recovery, which allows IT -administrator to launch certain PCs with Windows even in situations where machines can’t load. It is built in the Windows recovery environment (Winre).
“Unlike the traditional repair options that rely on the user intervention, it is automatically activated when the system fails,” correct ooms my PC – Note at the end of last month.
“The whole cloud recovery process is quite simple: it checks whether the flags/settings such as CloudRemediation, AutoreMediation and, optionally, are installed. If the environment corresponds to the conditions (for example, the network and the necessary plugin), Windows is in silence.”
