Microsoft MSRC Dismisses Dependency Confusion Vulnerability, Sparking Researcher Outcry
A security researcher claims Microsoft's Security Response Center (MSRC) wrongly dismissed a critical dependency confusion vulnerability in Azure Portal, which could have led to remote code execution.

Security researcher Wahid Fayad has publicly stated that Microsoft's Security Response Center (MSRC) allegedly dismissed a significant dependency confusion vulnerability discovered in Microsoft's Azure Portal. Fayad demonstrated a clear path to Remote Code Execution (RCE) through a malicious NPM package, but MSRC reportedly closed the case, attributing the evidence to automated security tooling rather than a genuine exploit.
The vulnerability, uncovered in January 2026, leveraged a common supply chain attack vector. Fayad identified an internal NPM package, @FxInternal/NetDiagnostics, used within the Azure Portal's client-side code. Crucially, this package and its organizational namespace were absent from the public NPM registry, leaving them open for registration. Fayad registered the namespace and published a placeholder package with a benign out-of-band (OOB) HTTP callback payload to confirm exploitability.
Upon publishing, the callback fired almost immediately, originating from Microsoft's own infrastructure (AS8075). The exfiltrated data included internal hostnames and usernames consistent with a Microsoft development or pipeline environment, providing strong evidence of RCE within Microsoft's systems. This technique, popularized by Alex Birsan in 2021, exploits how package managers resolve dependencies: when an internal registry is unavailable or misconfigured, the client often falls back to the public registry, which then serves whatever package an outsider has published under the same name.
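The defensive counterpart to the resolution behaviour described above is to make sure every internal scope is explicitly pinned to an internal registry and that the lockfile never records an internal package as fetched from registry.npmjs.org. The following audit script is an added example written for this article; it is not code from the researcher, from Microsoft or from npm. The scope name `@acme-internal`, the registry URL `https://npm.acme.example/`, the package names and the manifest, `.npmrc` and lockfile contents are all constructed for the demonstration.

```javascript
// Added example (not from the article, Microsoft or npm): audit a project's
// package.json, .npmrc and package-lock.json for internal-scope dependencies
// that could resolve from, or were already resolved from, the public registry.
// All names, URLs and file contents below are constructed sample data.

const PUBLIC_REGISTRY_HOST = 'registry.npmjs.org';

// Parse the `@scope:registry=URL` lines of an .npmrc into a scope -> URL map.
function parseNpmrcScopes(npmrcText) {
  const scopes = {};
  for (const raw of npmrcText.split('\n')) {
    const line = raw.trim();
    if (!line || line.startsWith('#') || line.startsWith(';')) continue;
    const m = line.match(/^(@[^:=\s]+):registry\s*=\s*(\S+)$/);
    if (m) scopes[m[1]] = m[2];
  }
  return scopes;
}

// Scope portion of a package name (e.g. '@acme-internal'), or null if unscoped.
function scopeOf(name) {
  return name.startsWith('@') ? name.slice(0, name.indexOf('/')) : null;
}

// True when a registry or tarball URL points at the public npm registry.
function isPublicRegistry(url) {
  try {
    return new URL(url).host === PUBLIC_REGISTRY_HOST;
  } catch (e) {
    return false; // unparsable value: treat as not public, but it is still odd
  }
}

// Returns one finding per problem: an internal-scope dependency with no
// registry binding (it would fall back to the default, usually public,
// registry), a binding that points at the public registry, or a lockfile
// entry already resolved from the public registry.
function auditDependencies(pkg, npmrcText, lock, internalScopes) {
  const bound = parseNpmrcScopes(npmrcText);
  const deps = { ...(pkg.dependencies || {}), ...(pkg.devDependencies || {}) };
  const findings = [];
  for (const name of Object.keys(deps)) {
    const scope = scopeOf(name);
    if (!scope || !internalScopes.includes(scope)) continue;
    const registry = bound[scope];
    if (!registry) {
      findings.push({ name, issue: 'scope not pinned; falls back to the default registry' });
    } else if (isPublicRegistry(registry)) {
      findings.push({ name, issue: 'scope pinned to the public registry' });
    }
    const entry = lock && lock.packages && lock.packages['node_modules/' + name];
    if (entry && entry.resolved && isPublicRegistry(entry.resolved)) {
      findings.push({ name, issue: 'lockfile resolved package from the public registry' });
    }
  }
  return findings;
}

// --- constructed sample input ---------------------------------------------
const INTERNAL_SCOPES = ['@acme-internal'];

const SAMPLE_PKG = {
  dependencies: { '@acme-internal/netdiag': '^1.0.0', 'lodash': '^4.17.21' },
  devDependencies: { '@acme-internal/logger': '^2.1.0' },
};

// Weak configuration: only an unrelated scope is pinned, so @acme-internal
// resolves from whatever the default registry is.
const WEAK_NPMRC = [
  '# unrelated scope binding',
  '@acme-ui:registry=https://npm.acme.example/',
].join('\n');

// Corrected configuration: the internal scope is bound to the internal registry.
const FIXED_NPMRC = [
  '@acme-ui:registry=https://npm.acme.example/',
  '@acme-internal:registry=https://npm.acme.example/',
].join('\n');

// Lockfile (npm v7+ layout) showing one package already fetched from the
// public registry, which is the artefact a CI check should reject.
const SAMPLE_LOCK = {
  packages: {
    'node_modules/@acme-internal/netdiag': {
      resolved: 'https://registry.npmjs.org/@acme-internal/netdiag/-/netdiag-1.0.0.tgz',
    },
    'node_modules/@acme-internal/logger': {
      resolved: 'https://npm.acme.example/@acme-internal/logger/-/logger-2.1.0.tgz',
    },
  },
};

function runSampleAudit() {
  return auditDependencies(SAMPLE_PKG, WEAK_NPMRC, SAMPLE_LOCK, INTERNAL_SCOPES);
}

for (const f of runSampleAudit()) console.log(`${f.name}: ${f.issue}`);
```

Run as a pre-install or CI step, the audit fails the build on any finding; with `FIXED_NPMRC` in place the only remaining finding is the stale public-registry `resolved` entry in the lockfile, which is exactly the trace that indicates a past fallback and should be regenerated against the internal registry.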
Fayad reported the vulnerability to MSRC on January 28, 2026. While MSRC initially investigated, they later stated that the dependency was resolved internally, making exploitation difficult. Fayad provided further evidence, including logs showing Azure ArisHttpClient validation requests pointing to pipeline involvement. Despite this, MSRC formally closed the case on March 24, 2026, concluding the callback was from "automated security tooling, not a production build or runtime pipeline."
Undeterred, Fayad appealed the decision, providing additional proof. However, MSRC maintained its stance, asserting the package was "always loaded from an internal source" and that injection was "not possible." This decision has drawn criticism, particularly as the @FxInternal/NetDiagnostics package's presence on the public registry triggered automated threat intelligence systems, leading to its classification as a critical supply chain threat (GHSA-83x6-432q-hpcf) by third-party security services.
This incident echoes a pattern of friction between researchers and MSRC observed throughout 2026, notably during the "Nightmare-Eclipse" researcher saga involving multiple Windows zero-days. While the technical nature of this dependency confusion attack differs from kernel exploits, it shares the common thread of MSRC allegedly downplaying empirical evidence of exploitation presented by researchers.
The implications extend beyond a single dismissed vulnerability. The fact that an internal package reference is embedded in public-facing JavaScript assets means external developers could inadvertently introduce supply chain risks into their own projects if they mimic similar internal naming conventions. The researcher's findings, independently validated by GitHub Advisory Database, highlight a potential blind spot in Microsoft's internal assessment processes and raise concerns about the handling of supply chain security risks.