[CIVN-2026-0175] Multiple Vulnerabilities in Microsoft Azure and Bing
—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256
Multiple Vulnerabilities in Microsoft Azure and Bing
Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: CRITICAL
Software Affected
Microsoft Azure
Microsoft Bing
Overview
Multiple vulnerabilities have been reported in Microsoft Azure and Bing which may allow a remote attacker to elevate privileges, access sensitive information, and compromise system integrity.
Target Audience:
Individuals and organizations using the Microsoft Azure and Bing services.
Risk Assessment:
High risk of unauthorized access, privilege escalation, and sensitive data exposure.
Impact Assessment:
Elevation of privilege, information disclosure, unauthorized access, potential service disruption.
Description
Microsoft Azure and Microsoft Bing are cloud-based platforms that provide computing, storage, networking, and web search services to users and enterprises worldwide. These services are widely used and form a critical part of modern cloud and web infrastructure.
These vulnerabilities exist due to improper input validation, access control weaknesses, server-side request forgery (SSRF), and other security flaws in the affected services. A remote attacker may exploit these vulnerabilities to gain elevated privileges, access sensitive data, or perform unauthorized operations within the affected environment.
Successful exploitation of these vulnerabilities may allow a remote attacker to elevate privileges, access sensitive information, and compromise the integrity of the targeted system or service.
Solution
Apply appropriate updates as mentioned in:
https://msrc.microsoft.com/update-guide/vulnerability
Vendor Information
Microsoft
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32186
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32211
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32173
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33105
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26135
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33107
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32213
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32211
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32186
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32173
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33105
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26135
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33107
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32213
CVE Name
CVE-2026-32173
CVE-2026-33105
CVE-2026-26135
CVE-2026-33107
CVE-2026-32213
CVE-2026-32186
CVE-2026-32211
– —
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmnXrb4ACgkQ3jCgcSdc
ys+AYhAAqbcF/o2m9/7C2GfCOils57cKuqIaWlRtYfhSUFnCYYO9ECkzV80EfvGT
FU6fIjYfO4HFfeTynkQ9alRyBI4MDcYmJEJTcrFiuw5nLl14xEPXZHJ/azUP0mb2
BaiVgH6AmHUK9gSYedSnho0FfXRQbdZq8YUecuSX2pJfs9oXSHeWiFH0W2IXgQoW
MhP22utDgLvS+auMn49OBiGMQO16+i5XZIUlg+rPs0whyPPPxiriDGetNv77vSry
aFYexBog9clfZHXsP+MvRywd1x64TWB2bUZqZyxxeA6U8F3ZrqqQoUYirILJlxyZ
OhdBa2kPUiWoxf2zB0K/19ucFcHtFVE7yOolXgbEElLGHuROnZOiW9vmbj9pWTVE
UTpeaUBlSbgDSLUwq3sj3ulYKJUhlmIVeWDvB1bAVwxvSb+mMwhhoeBzfsPkdkSW
hWQqSnk/y6+E+hqE6PJ/sXKb82zYFFcN/Yjp2WmCiSGNWP5JbsK1ecKFdMwX02xK
zvvx+m+4GpLCLZdfcUbNwsrh5EA5J1n5OOZQSHOdveq6qZ1ZwJ42tqlUgzrQlcJE
Ywi8ivJXErAMTAJbGFEIIwTn6uDhiX/NYWzVv4fD7OtGSkQeX0ZCPEux6gKaysAo
hM8tW30uHGjwzTBFKHRg9XLVyDXe6lWRahlylrH8WYecmewHnl0=
=Ha2v
—–END PGP SIGNATURE—–
![[CIVN-2026-0177] Multiple Vulnerabilities in OpenSSL](https://teamwin.in/wp-content/uploads/2025/06/certin-new-e1751351599950-500x383.png)
