A newly disclosed and patched flaw in Windows Admin Center’s Azure Active Directory Single Sign‑On integration undermined a fundamental trust boundary in cloud management: a local administrator on a single WAC‑managed VM could combine a stolen access token with a forged Proof‑of‑Possession (PoP)...
A newly disclosed flaw in Windows Admin Center’s Azure Single Sign‑On flow can let an attacker with local administrator access on a single Azure VM or Azure Arc‑connected host break out of that host and impersonate privileged administrators to control every Windows Admin Center‑managed machine...
