Microsoft’s initial response involved implementing a partial fix in acknowledgment of the issue. However, this partial solution fell short of completely resolving the vulnerability, prompting Tenable to warn that the proposed patch did not adequately address the problem. Microsoft subsequently set a new deadline for a comprehensive fix, scheduled for September.
This timeline, which would have left the vulnerability unaddressed for approximately five months, drew severe criticism from Yoran. He expressed his concerns through a LinkedIn blog post, condemning Microsoft’s negligence in protecting its Azure users. Yoran’s criticisms labeled the company’s actions as “grossly irresponsible,” given the potential consequences of the vulnerability.
