Blog Post

Microsoft Entra Blog

3 MIN READ

Enhance protection of Microsoft Entra ID authentication by blocking external script injection

AnkurPatel

Microsoft

Nov 25, 2025

Microsoft is further enhancing security of the Microsoft Entra ID authentication experience by blocking external script injection. [Action may be required]

As part of Microsoft’s Secure Future Initiative, we’re making an important update to our Content Security Policy (CSP) that will enhance the security of the Microsoft Entra ID sign-in experience. Thi...

Updated Nov 19, 2025

Version 1.0

Microsoft

Joined October 11, 2019

View Profile

Microsoft Entra Blog

Stay informed on how to secure access for any identity to any resource, anywhere, with comprehensive identity and network access solutions powered by AI.

Visit the homepage

piatti

Copper Contributor

Jan 26, 2026

If I use the Microsoft Graph PowerShell Connect-MgGraph cmdlet, am I affected by this issue?

MegnaKokkalera

Microsoft

Jan 30, 2026

Hi piatti! Thanks for your question. This change is only for browser-based sign-in experiences on login.microsoftonline.com/*, so you won't be affected unless you go through the web-based Microsoft sign-in via login.microsoftonline.com/*.