Microsoft had its enterprise customers' security logs for tracking suspicious network traffic and behavior improperly gathered between early September and early October due to a vulnerability that arose while addressing a separate log collection service flaw, BleepingComputer reports.
Microsoft Entra, Microsoft Sentinel, Azure Logic Apps, Azure Monitor, Azure Healthcare APIs, Azure Trusted Signing, Azure Virtual Desktop, and Power Platform were impacted by different levels of log disruption, according to Microsoft.
Microsoft said the telemetry upload interruptions stemmed from a botched fix meant to address a logging service limit.
Microsoft Vice President John Sheehan said the issue has already been resolved and all customers notified, but cybersecurity expert Kevin Beaumont said at least two impacted organizations claimed they were not informed about the incident. This development comes months after Microsoft introduced free logging features across all Purview Audit standard clients after being criticized for providing such data only via subscription.
