{"id":226262,"date":"2025-12-02T00:32:18","date_gmt":"2025-12-02T06:32:18","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2025\/12\/microsoft-to-secure-entra-id-sign-ins-from-script-injection-attacks"},"modified":"2025-12-02T00:32:18","modified_gmt":"2025-12-02T06:32:18","slug":"microsoft-to-secure-entra-id-sign-ins-from-script-injection-attacks","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2025\/12\/microsoft-to-secure-entra-id-sign-ins-from-script-injection-attacks","title":{"rendered":"Microsoft to secure Entra ID sign-ins from script injection attacks"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/microsoft-to-secure-entra-id-sign-ins-from-script-injection-attacks.jpg\"><\/a><\/p>\n<p>Microsoft plans to enhance the security of the Entra ID authentication system against external script injection attacks starting in mid-to-late October 2026.<\/p>\n<p>This update will implement a strengthened Content Security Policy that allows script downloads only from Microsoft-trusted content delivery network domains and inline script execution only from Microsoft-trusted sources during sign-ins.<\/p>\n<p>After rollout, it will protect users against various security risks, including cross-site scripting attacks in which attackers inject malicious code into websites to steal credentials or compromise systems.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft plans to enhance the security of the Entra ID authentication system against external script injection attacks starting in mid-to-late October 2026. This update will implement a strengthened Content Security Policy that allows script downloads only from Microsoft-trusted content delivery network domains and inline script execution only from Microsoft-trusted sources during sign-ins. After rollout, it [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[31,1492],"tags":[],"class_list":["post-226262","post","type-post","status-publish","format-standard","hentry","category-policy","category-security"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/226262","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=226262"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/226262\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=226262"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=226262"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=226262"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}