Security logs that Microsoft's enterprise customers use to track suspicious network traffic and behavior were improperly gathered between early September and early October because of a vulnerability that arose while a separate log collection service flaw was being addressed, BleepingComputer reports.
Microsoft Entra, Microsoft Sentinel, Azure Logic Apps, Azure Monitor, Azure Healthcare APIs, Azure Trusted Signing, Azure Virtual Desktop, and Power Platform were impacted by different levels of log disruption, according to Microsoft, which described the telemetry upload interruptions as stemming from a botched fix meant to address a logging service limit. Although Microsoft Vice President John Sheehan said the issue had already been resolved and all customers notified, cybersecurity expert Kevin Beaumont reported that at least two impacted organizations had not been informed about the incident. The development comes months after Microsoft introduced free logging features for all Purview Audit standard clients, following criticism for providing such data only via subscription.