Microsoft unveils Security Copilot; Adapts to customer demand with layoffs

Matthew Calleja

BeyondTrust, a company specialising in intelligent identity and access security, has released its 2023 Microsoft Vulnerabilities Report, which marks the report’s 10th anniversary. Vulnerabilities still threaten the company’s security, despite the launch of Microsoft Copilot.

The report provides valuable insights into the current state of the Microsoft vulnerability landscape, offering an in-depth analysis of the 2022 Microsoft vulnerabilities. The report highlights trends and significant Common Vulnerabilities and Exposures (CVEs), outlines attacker exploitation methods, and suggests prevention or mitigation strategies to protect against cyber threats.

Microsoft vulnerabilities on the rise across categories and products

Over the past decade, Microsoft has undergone significant transformations. In 2013, the company had a market capitalization of US$314 billion, which grew to US$1.79 trillion by 2022. During this period, Microsoft made notable acquisitions, such as Nokia for US$7.2 billion in 2013, and Activision for a gaming industry-record of US$70 billion in 2022, becoming Microsoft’s largest acquisition to date. However, despite these changes and the introduction of Microsoft Copilot, one thing that hasn’t changed is vulnerabilities.

In this context, it’s worth exploring Microsoft’s critical vulnerabilities, which can have a significant impact on data confidentiality, integrity, and availability. Critical vulnerabilities are those that have attributes that could lead to high-impact security incidents if exploited.

It’s important to note that Microsoft’s severity ratings are distinct from assessing the likelihood of exploitation, which is typically more fluid. The 2023 Microsoft Vulnerabilities Report highlights some notable CVEs from 2022 and outlines the methods used by attackers to exploit them, along with preventive measures to address them.

According to the 2023 Microsoft Vulnerabilities Report, Microsoft groups vulnerabilities into several categories: Remote Code Execution, Elevation of Privilege, Security Feature Bypass, Tampering, Information Disclosure, Denial of Service, and Spoofing. The most prevalent category in 2022 was Elevation of Privilege.

The report’s highlights reveal that 2022 saw the highest number of Microsoft vulnerabilities since the report’s inception a decade ago, with a total of 1,292. The growing quantity of vulnerabilities is a concern, as each vulnerability presents unique risks and impacts.

The report also finds that Elevation of Privilege remained the leading vulnerability category for the third year in a row, accounting for 55% (715) of the total Microsoft vulnerabilities in 2022. Microsoft Azure and Dynamics 365 contributed to the company’s most significant financial and vulnerability growth. Furthermore, 6.9% of Microsoft vulnerabilities in 2022 were categorised as ‘critical,’ compared to 44% in 2013.

In the last decade, Microsoft vulnerabilities have increased across all categories, with Elevation of Privilege vulnerabilities experiencing a staggering 650% surge, according to the 2023 Microsoft Vulnerabilities Report. The overall rise in vulnerabilities has been fuelled by new Microsoft products, particularly Azure and Dynamics 365, which saw a 159% increase in vulnerabilities in the past year alone. This increase is primarily attributed to one product, the Azure Site Recovery Suite.

The solution? Launching Microsoft’s GPT-4-based Copilot

Microsoft has unveiled its latest security product, the Microsoft Security Copilot, which is powered by OpenAI’s GPT-4 generative AI. This innovative security solution combines an advanced large language model with a security-specific model developed by Microsoft. It integrates Microsoft’s threat intelligence and over 65 trillion daily signals to offer a comprehensive security experience. Operating on Azure’s hyperscale infrastructure, the Security Copilot is suitable for enterprise-grade security requirements.

One of the most intriguing features of the Microsoft Security Copilot is its ability to learn and improve continually, providing security teams with the latest knowledge of attackers, their tactics, techniques, and procedures. With its vast threat analysis footprint and visibility into threats, the Security Copilot is an ideal solution for organisations with limited security teams.

While acknowledging that AI-generated content may contain errors, Vasu Jakkal, Corporate Vice President of Security, Compliance, Identity, and Management at Microsoft, explained in a blog post that the Security Copilot is a closed-loop learning system that continuously learns from users’ feedback. By refining the system’s responses, Microsoft ensures that the Security Copilot generates more coherent, relevant, and helpful answers over time.

Copilot provides advanced threat detection capabilities, but is not flawless

Jakkal has highlighted the significant capabilities of Copilot. The product allows defenders to operate at the speed and scale of AI, merging an advanced large language model with a security-specific model developed by Microsoft.

With Security Copilot, organisations gain access to advanced OpenAI models for demanding security tasks, real-time threat insights and security analyst expertise from Microsoft’s exclusive global threat intelligence, and seamless integration with Microsoft’s comprehensive security portfolio.

While Security Copilot shows great promise in enhancing Microsoft’s vulnerability management, Jakkal acknowledges in a blog post that the system is unlikely to resolve the issue completely. As a closed-loop learning system, Security Copilot constantly improves based on user feedback, which is a significant advantage. However, AI-generated content may contain errors, affecting the system’s accuracy.

As such, it is crucial to continue refining the system and not rely on it solely to address all of Microsoft’s vulnerability concerns. Nonetheless, Security Copilot is a valuable tool that helps detect hidden malicious activities, enhances security teams’ expertise, and provides an up-to-date view of potential threats.

Microsoft lays off more employees, including security personnel

In related news, Microsoft has reportedly laid off 559 employees from its Bellevue and Redmond offices in Seattle, with a total of 2,743 job cuts in the area. The Washington State Employment Security Department announced the layoffs on Monday.

Microsoft’s CEO, Satya Nadella, explained that the job cuts were necessary to align the company’s cost structure with its revenue and customer demand. The downsizing is expected to impact Microsoft’s security operations, according to media reports.

Nadella mentioned that one of the measures taken for the layoffs was lease consolidation, which suggests that Microsoft may lose its office space in the Redmond campus. In January, Microsoft announced that it would not renew its lease for the 26-story City Center Plaza in the Bellevue area, which is set to expire in June 2024.
