
Huge Vulnerability: Microsoft Cloud Customers Exposed

Microsoft Azure is facing another security headache: customers of its flagship database service Cosmos DB, including Fortune 500 firms, are being urged to rotate their account keys immediately to guard against a serious newly disclosed vulnerability.

The vulnerability, named ChaosDB by its discoverers, Nir Ohfeld and Sagi Tzadik of security firm Wiz, is a chain of flaws in Cosmos DB's built-in Jupyter Notebook feature (pictured below), an interactive notebook for querying and visualising data that was added in 2019 and turned on by default for all customers in February 2021.

Ohfeld and Tzadik say the flaws in the notebook feature let an intruder obtain a customer's primary key and, with it, full read, write and delete access to that customer's entire database account.

Image: Wiz

“Database exposures have become alarmingly common in recent years as more companies move to the cloud, and the culprit is usually a misconfiguration in the customer’s environment. In this case, customers were not at fault.

“Rather, a series of flaws in a Cosmos DB feature created a loophole allowing any user to download, delete or manipulate a massive collection of commercial databases, as well as read/write access to the underlying architecture of Cosmos DB,” the Wiz team said.

According to Ohfeld and Tzadik, Microsoft's security team disabled the vulnerable feature within 48 hours of being notified, but accounts that used the notebook feature, or that were created after January 2021, could still be at risk, since a key obtained before the fix stays valid until the customer rotates it.

“Starting this February, every newly created Cosmos DB account had the notebook feature enabled by default and their Primary Key could have been exposed even if the customer was not aware of it and never used the feature.

“If the customer didn’t use the feature in the first three days, it was automatically disabled. An attacker who exploited the vulnerability during that window could obtain the Primary Key and have ongoing access to the Cosmos DB account,” they said.
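The rotation the researchers and Microsoft are urging is what closes that window: a key already in an attacker's hands only stops working once it is regenerated. The script below is an added example, not code from the article, from Wiz or from Microsoft. It drives the Azure CLI's `az cosmosdb keys regenerate` command in two phases so that applications never lose access: first regenerate the secondary keys (which clients should not be using), move every client to the new secondary keys, then regenerate the primary keys. The account name, resource group and the `DRY_RUN` switch are this script's own assumptions; only the `az` invocations are the real CLI.

```shell
#!/usr/bin/env sh
# Added example (not from the article, Wiz or Microsoft): zero-downtime
# rotation of all four Cosmos DB account keys with the Azure CLI.
#
#   sh rotate_cosmos_keys.sh start    # regenerate secondary + secondaryReadonly
#   ... repoint every client at the new secondary keys ...
#   sh rotate_cosmos_keys.sh finish   # regenerate primary + primaryReadonly
#
# After "finish" any primary key captured before the fix is dead.
# ACCOUNT, RG and DRY_RUN are placeholders/switches of this script, not az options.

: "${ACCOUNT:=example-cosmos}"   # placeholder Cosmos DB account name (assumption)
: "${RG:=example-rg}"            # placeholder resource group (assumption)
: "${DRY_RUN:=0}"                # 1 = print the az commands instead of running them

# regen_key KIND: regenerate one key. KIND is one of the values the real
# --key-kind option accepts: primary, secondary, primaryReadonly, secondaryReadonly.
regen_key() {
  kind="$1"
  if [ "$DRY_RUN" = "1" ]; then
    printf 'az cosmosdb keys regenerate --name %s --resource-group %s --key-kind %s\n' \
      "$ACCOUNT" "$RG" "$kind"
  else
    az cosmosdb keys regenerate \
      --name "$ACCOUNT" --resource-group "$RG" --key-kind "$kind"
  fi
}

# rotate PHASE: "start" rotates the keys clients are NOT using (secondary pair),
# "finish" rotates the keys that were potentially leaked (primary pair).
rotate() {
  case "${1:-}" in
    start)
      regen_key secondary
      regen_key secondaryReadonly
      ;;
    finish)
      regen_key primary
      regen_key primaryReadonly
      ;;
    *)
      echo "usage: $0 start|finish" >&2
      return 2
      ;;
  esac
}

# Only dispatch when invoked with a phase argument, so the functions can
# also be sourced into another script.
if [ $# -gt 0 ]; then
  rotate "$@"
fi
```

Run `start`, redeploy the new secondary keys (or connection strings) to every application, confirm nothing is still authenticating with the old primary key, and only then run `finish`; skipping straight to `finish` revokes the leaked key but also breaks every client still holding it.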

ChaosDB is yet another security problem for Microsoft, following the SolarWinds supply-chain attack and the disclosure of the PrintNightmare print-spooler vulnerability earlier this year.
