Microsoft patches Entra ID role flaw enabling service principal takeover
6 articles · Updated · The Hacker News · Apr 28
The vulnerability in the Agent ID Administrator role, disclosed by Silverfort, was patched on April 9, 2026, after responsible disclosure on March 1.
The flaw allowed users with this role to take ownership of any service principal, potentially escalating privileges and compromising high-impact permissions across Microsoft Entra ID tenants.
Microsoft’s fix now blocks unauthorized ownership assignments, displaying a 'Forbidden' error. Organizations are urged to monitor sensitive role usage, secure privileged service principals, and audit credential changes to mitigate similar risks in AI-driven identity systems.
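To act on the monitoring advice above, here is an added example (not code from Silverfort, Microsoft, or The Hacker News) that scans Entra ID audit records for service principal ownership and credential changes made by holders of the Agent ID Administrator role between the disclosure and the fix. The audit records, the set of role holders, and the activity names in the simplified log shape are constructed assumptions for this example.

```python
from datetime import datetime, timezone

# Disclosure-to-fix window from the article: successful changes in it predate the patch.
DISCLOSED = datetime(2026, 3, 1, tzinfo=timezone.utc)
PATCHED = datetime(2026, 4, 9, tzinfo=timezone.utc)

# Activities that change control of a service principal (assumed Entra audit names).
SENSITIVE_ACTIVITIES = {"Add owner to service principal", "Add service principal credentials"}

# Constructed: accounts that held the Agent ID Administrator role.
AGENT_ID_ADMINS = {"agentadmin@contoso.example"}

def _audit(ts, actor, activity, target):
    """Build one constructed audit record in a simplified Entra audit-log shape."""
    return {"activityDateTime": ts, "activityDisplayName": activity,
            "initiatedBy": {"user": {"userPrincipalName": actor}},
            "targetResources": [{"type": "ServicePrincipal", "displayName": target}]}

SAMPLE_LOGS = [  # constructed sample records
    _audit("2026-03-15T10:02:11Z", "agentadmin@contoso.example",
           "Add owner to service principal", "Finance-Automation"),
    _audit("2026-03-16T08:30:00Z", "agentadmin@contoso.example",
           "Add service principal credentials", "Finance-Automation"),
    _audit("2026-03-18T12:00:00Z", "agentadmin@contoso.example",
           "Update application", "Finance-Automation"),       # not a control change
    _audit("2026-03-20T09:15:42Z", "globaladmin@contoso.example",
           "Add owner to service principal", "HR-Sync"),       # actor lacks the role
    _audit("2026-04-20T14:45:00Z", "agentadmin@contoso.example",
           "Add owner to service principal", "HR-Sync"),       # after the fix
]

def find_suspect_changes(records, role_holders, start=DISCLOSED, end=PATCHED):
    """Return service principal control changes by role holders within [start, end)."""
    holders = {h.lower() for h in role_holders}
    findings = []
    for rec in records:
        if rec.get("activityDisplayName") not in SENSITIVE_ACTIVITIES:
            continue
        actor = rec.get("initiatedBy", {}).get("user", {}).get("userPrincipalName", "")
        if actor.lower() not in holders:
            continue
        when = datetime.fromisoformat(rec["activityDateTime"].replace("Z", "+00:00"))
        if not (start <= when < end):
            continue
        targets = [t["displayName"] for t in rec.get("targetResources", [])
                   if t.get("type") == "ServicePrincipal"]
        findings.append({"time": rec["activityDateTime"], "actor": actor,
                         "activity": rec["activityDisplayName"], "targets": targets})
    return findings
```

Each finding names the acting account, the activity, and the affected service principal, so every owner or credential added through the role in the window can be reviewed and reverted if it was not expected.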
Why are new AI features creating major security holes in cloud platforms?
How could a new AI administrator role hijack any application's identity?
The flaw is fixed, but how do you find if you were targeted before the patch?
Do 'preview' features from cloud providers pose an unacceptable security risk?
As AI agents multiply, are traditional identity security models now obsolete?