Microsoft has contacted some users of its Azure cloud computing (opens in new tab) platform about a flaw that could have been exploited by hackers to access their data.
In a blog post (opens in new tab), the Microsoft Security Response Center (MSRC) explains that the vulnerability was discovered in Azure (opens in new tab) Container Instances (ACI), and could be abused by malicious users to access other customers’ information.
In the post, MSRC repeatedly claims that it found no evidence that attackers had abused the technique, and it had only notified those customers whose accounts were accessed by the Palo Alto cybersecurity (opens in new tab) researchers who reported the flaw.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.
>> Click here to start the survey in a new window (opens in new tab) <<
- We've built a list of the best cloud computing (opens in new tab) services available
- Check our roundup of the best cloud storage (opens in new tab) services
- These are the best endpoint protection tools (opens in new tab)
“There is no indication any customer data was accessed due to this vulnerability. Out of an abundance of caution, notifications were sent to customers potentially affected by the researcher activities,” asserts MSRC.
Updating the cloud
Palo Alto researcher Ariel Zelivansky told Reuters that demonstrating the potential dangers of the vulnerability had taken his team several months, and he agreed that it’s highly unlikely that threat actors would use a similar method in the real world.
Apparently, the vulnerability existed only because Azure containers (opens in new tab) used code that had not been updated to patch a known vulnerability; an oversight which Zelivansky’s team was able to capitalize on to get full control of a cluster that included containers from other users.
"This is the first attack on a cloud provider to use container escape to control other accounts," said container security expert Ian Coldwater, who reviewed Palo Alto's work at Reuters' request.
Coldwater said the problem reflected a failure to apply patches in a timely fashion, a situation that tech vendors like Microsoft often ask their customers to avoid.
Notably, this is Microsoft’s second major vulnerability in its cloud computing platform, following the CosmosDB vulnerability (opens in new tab) late last month.
- Protect your devices with these best antivirus (opens in new tab) software
Via Reuters (opens in new tab)