Microsoft has contacted some users of its Azure cloud computing platform about a flaw that could have been exploited by hackers to access their data.
In a blog post, the Microsoft Security Response Center (MSRC) explains that the vulnerability was discovered in Azure Container Instances (ACI), and could be abused by malicious users to access other customers’ information.
In the post, MSRC repeatedly claims that it found no evidence that attackers had abused the technique, and it had only notified those customers whose accounts were accessed by the Palo Alto cybersecurity researchers who reported the flaw.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.
- We've built a list of the best cloud computing services available
- Check our roundup of the best cloud storage services
- These are the best endpoint protection tools
“There is no indication any customer data was accessed due to this vulnerability. Out of an abundance of caution, notifications were sent to customers potentially affected by the researcher activities,” asserts MSRC.
Updating the cloud
Palo Alto researcher Ariel Zelivansky told Reuters that demonstrating the potential dangers of the vulnerability had taken his team several months, and he agreed that it’s highly unlikely that threat actors would use a similar method in the real world.
Apparently, the vulnerability existed only because Azure containers used code that had not been updated to patch a known vulnerability; an oversight which Zelivansky’s team was able to capitalize on to get full control of a cluster that included containers from other users.
"This is the first attack on a cloud provider to use container escape to control other accounts," said container security expert Ian Coldwater, who reviewed Palo Alto's work at Reuters' request.
Coldwater said the problem reflected a failure to apply patches in a timely fashion, a situation that tech vendors like Microsoft often ask their customers to avoid.
Notably, this is Microsoft’s second major vulnerability in its cloud computing platform, following the CosmosDB vulnerability late last month.
- Protect your devices with these best antivirus software