Microsoft Patches Major ‘AuthQuake’ MFA Vulnerability as Florida Reports Cyber Fraud Crackdown

2025-01-06  Per Henrikson

The vulnerability particularly impacted applications using One-Time Passwords (OTPs), including SMS-based authentication and third-party authentication tools. The security gap raised significant concerns, especially since cybersecurity experts and organizations like CISA have been advocating for stronger authentication methods beyond SMS-based verification. Microsoft implemented interim security measures in July 2024, followed by a comprehensive fix on October 9, 2024, which introduced enhanced rate-limiting and account lockout features to prevent brute-force attacks. 