{"data":{"id":"1192a13f-ac5b-4f20-a7f4-a27efc3e5907","title":"Microsoft patched an ‘agent-only’ role that was not","summary":"Microsoft's 'Agent ID Administrator' role, designed to let AI agents have controlled identities in Entra ID (Microsoft's identity management system), had a security flaw that let users take ownership of unrelated service principals (the tenant-specific identities that applications use to authenticate and access resources). This meant attackers could gain the same privileges as more powerful administrator roles and potentially take over the entire tenant (organization's cloud environment).","solution":"Microsoft patched the issue by blocking the Agent ID Administrator role from modifying non-agent service principals. The fix was fully rolled out by April 9, 2026, across all cloud environments.","labels":["security"],"sourceUrl":"https://www.csoonline.com/article/4163708/microsoft-patched-an-agent-only-role-that-was-not.html","publishedAt":"2026-04-27T12:35:10.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":[],"issueType":"news","affectedPackages":null,"affectedVendors":["Microsoft"],"affectedVendorsRaw":["Microsoft","Microsoft Entra ID","Agent Identity Platform"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-04-27T12:35:10.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality","availability"],"aiComponentTargeted":"agent","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}