Microsoft only closes known vulnerabilities after 100 days
Orca Security criticizes the slow reaction from Microsoft in fixing the SynLapse vulnerability, which was only closed after 100 days. Further isolation and hardening for better cloud security is recommended. Although SynLapse (CVE-2022-29972) is a Critical vulnerability, it has taken Microsoft over 100 days to complete the necessary steps to resolve the vulnerability. 100 days of open vulnerability After Microsoft was informed about the SynLapse vulnerability on January 4th and after several follow-ups, the first patch was only provided in March, which Orca Security was able to bypass. Microsoft has the original…