You must log in or # to comment.
Already patched and they informed customers where this may have been used.
“To protect customers and applications that may be vulnerable to privilege escalation, Microsoft has deployed mitigations to omit token claims from unverified domain owners for most applications.”