M365 Security Plus - Fixes and Enhancements [2023]
M365 Security Plus release notes
Release notes for 4531
Issue fix :
A two-factor authentication bypass vulnerability (CVE-2023-35785) reported by dalt4sec through our bug bounty program has been fixed.
- Users can now view the Schedule History for the Product Schedulers.
Issues fixed:
- The issue of geo-location data not being collected has been fixed.
- The issue with timezone conversion in the Exchange Online module that resulted in data not being available for the required time period in the Mail Trace Audit report has been fixed.
- The issue of threshold-based alert notifications not being sent out has been fixed.
- Archiving: Users now have the option to archive and restore audit logs stored in Elasticsearch data engine.
Troubleshooting: Users can now check and troubleshoot the issues in their network connection, URL endpoints connection, Exchange session creation and authentication, and permissions required by the Azure AD application and service account from the product's Tenant Settings option.
Enhancement:
Technicians can now export the managed/unmanaged objects list from the Manage License module.
Issue fixes:
The issue of the product's custom logo not being displayed on the product login and MFA page has been fixed.
The issue of unauthenticated file access in notification templates' attachment option has been fixed.