Microsoft said it lost weeks of security logs for its customers' cloud products
Microsoft (US:MSFT) · TechCrunch · 2024-10-17 19:06

Core Insights

- Microsoft experienced a logging outage for its cloud products during a two-week period in September, which may have created a security blind spot for customers [1][2]
- The outage was attributed to a bug in Microsoft's internal monitoring agents, not a security incident, affecting the collection of log events [1][2]
- Affected products include Microsoft Entra, Sentinel, Defender for Cloud, and Purview, potentially hindering customers' ability to analyze data and detect threats [2]

Incident Background

- The logging outage follows previous scrutiny from federal investigators regarding Microsoft's withholding of security logs from U.S. government departments, which could have expedited the identification of China-backed intrusions [3]
- The intrusions, attributed to a group known as Storm-0558, involved the theft of a digital skeleton key that allowed access to U.S. government emails stored in Microsoft's cloud [3]
- In response to past incidents, Microsoft announced it would start providing logs to lower-tier cloud accounts beginning September 2023 [4]