A Dutch security researcher has published an indepth analysis of a critical vulnerability that could have allowed attackers to compromise every Microsoft Entra ID tenant worldwide through a fundamental flaw in legacy authentication token handling.

Dirk-jan Mollema said he discovered the serious flaw in July this year, describing it as "the most impactful Entra ID vulnerability that I will probably ever find."

Microsoft has patched the two-pronged vulnerability , which comprised undocumented impersonation tokens used by Microsoft for backend service to service communications, and a flaw in the legacy Azure Active Directory Graph application programming interface.

The latter failed to properly validate originating tenants, Mollema said, which allowed the Actor tokens to be used for cr

See Full Page