Microsoft warns thousands of cloud customers of exposed databases


Image courtesy: The Indian Express

According to a copy of the email and a cyber security researcher, Microsoft (MSFT.O) informed thousands of its cloud computing clients, including some of the world’s top corporations, on Thursday that hackers may be able to access, alter, or even erase their major databases.

The flaw can be found in Microsoft Azure’s flagship Cosmos DB database. Wiz’s research team discovered that it could obtain keys that govern access to databases owned by thousands of firms. Ami Luttwak, Wiz’s Chief Technology Officer, previously served as the CTO of Microsoft’s Cloud Security Group.

“We fixed this issue immediately to keep our customers safe and protected. We thank the security researchers for working under coordinated vulnerability disclosure,” Reuters was informed by Microsoft. According to Microsoft’s communication to customers, there is no evidence that the issue was exploited. The email stated, “We have no indication that external entities outside the researcher (Wiz) had access to the primary read-write key,”

“This is the worst cloud vulnerability you can imagine. It is a long-lasting secret,” Luttwak told Reuters. “This is the central database of Azure, and we were able to get access to any customer database that we wanted.” The vulnerability occurred in Jupyter Notebook, a visualisation tool that has been accessible for years but was enabled by default in Cosmos beginning in February. Wiz disclosed the weakness in a blog post after Reuters reported on it.

Even users who have not been told by Microsoft, according to Luttwak, may have had their keys snatched by attackers, granting them access until those keys are changed. When Wiz was working on the problem, Microsoft only informed users whose keys were displayed.

Microsoft informed Reuters that “customers who may have been impacted received a message from us,” without going into further detail. Microsoft has been plagued by negative security news for months. The same alleged Russian government hackers that hacked SolarWinds and stole Microsoft source code infiltrated the firm. Then, while a fix was being prepared, a large number of hackers hacked into Exchange email servers.

Cloud assaults, on the other hand, are more infrequent, but they may be more deadly when they come. Furthermore, some are never made public. All known security vulnerabilities in software are tracked and rated by a federally sponsored research group. However, because there is no analogous method for detecting flaws in cloud architecture, many major vulnerabilities remain unknown to consumers, according to Luttwak.


Please enter your comment!
Please enter your name here