Microsoft on Tuesday offered guidance on the so-called "Spring4Shell" vulnerability in the Spring Framework overseen by VMware, while also indicating that its own services were unaffected.