Microsoft’s AI Health Bot required patching for privilege vulnerability

Microsoft has patched a vulnerability in Azure Health Bot, discovered by researchers from Tenable. The HIPAA-certified platform enables healthcare organisations to develop virtual assistants for clinical staff. The vulnerability, which wasn’t exploited or disclosed, affected data connections between the AI-powered bot and external data sources. Microsoft corrected the issue with fixes released in July. Another vulnerability in the Fast Healthcare Interoperability Resources endpoints was also found, but didn’t affect requests and access.