Microsoft forewarned thousands of its consumers about this major risk.

World of Interminable Words

It was found that Microsoft Azure's flagship Cosmos DB database was vulnerable to access from security firm Wiz. They had been able to access keys that controlled access to databases held by thousands of companies.

The company warned thousands of its cloud computing customers, including some of the largest companies on earth, that users could be able to read, edit or even delete their main databases, according to the email and a cyber security researcher.

It was found that Microsoft Azure's flagship Cosmos DB database was vulnerable to access from security firm Wiz. They had been able to access keys that controlled access to databases held by thousands of companies. A former CTO at Microsoft's Cloud Security Group, Ami Luttwak is the Chief Technology Officer of Wiz.

The message instructed customers to reset their keys since Microsoft cannot do it alone. According to an email Microsoft sent to Wiz, it took Wiz four days to find the flaw and report it. Microsoft agreed to pay Wiz $40,000 in compensation for finding the flaw and reporting it.

In a statement to Reuters, Microsoft said: "We fixed this issue immediately to keep our customers safe. We thank the security researchers who worked under coordinated vulnerability disclosure."

According to Microsoft's email to customers, there was no evidence the flaw had been exploited. "We don't believe external entities outside the researcher (Wiz) have access to the primary read-write key," it stated.

The cloud vulnerability, Luttwak told Reuters, is the worst cloud vulnerability that anyone could imagine. It is a secret that has lasted a long time. The centralized database of Azure was compromised. We were able to gain access to any customer database we desired."

According to Luttwak, the problem was discovered by his team on Aug. 9 and notified Microsoft on Aug. 12.

The weakness was found in Jupyter Notebook, a visualisation tool that has been available for years but was only enabled by default in Cosmos in February. Wiz highlighted the problem in a blog post after Reuters reported on it.

Even clients who have not been contacted by Microsoft may have had their keys swiped by attackers, giving them access until their keys are changed, according to Luttwak. When Wiz was working on the problem, Microsoft only informed customers whose keys were displayed this month.

Read More

This is original content from NewsBreak’s Creator Program. Join today to publish and share your own content.

Comments / 0

Published by

I assure you that you will take some good knowledge from the blog page and that is why I have created this blog. I have made this blog (World of Interminable Words ) for you only from here you can definitely take some new knowledge. I thank you again that you came to my page and learned something from a new topic, Technology, Fashion, Current News, Blogs, New Knowledge, Education, Sports, Latest News, How, What, Can, Why, Android, IOS, Apps, Mobile, Articles, Internet, Affiliated Marketing, etc

New York, NY

More from World of Interminable Words

Can Capitalism Bring Inclusive Growth?

The recent Oxfam Report, 2016 has once again brought forth the debate on global inequality in light of its findings that the richest 1 per cent of the world’s population now own more than the rest of us combined. This debate on global inequality in contemporary times also raises a question mark on the ability of capitalism – the economic system predominantly being followed all over the world, barring a few exceptions, to deliver inclusive growth. Capitalism is an economic system believed to have been born in the aftermath of the industrial revolution in the eighteenth-century Europe. It is based on private enterprise and private ownership of means of production like land, labor, capital etc. as compared to the economic system of Socialism, on the other end of the spectrum, which encourages public or state ownership of means of production. The producers belonging to the elite capitalist class are driven by the sole motive of profit. However, the system of capitalism has been criticized since its inception due to the exploitation of working class under horrible working conditions and low wages and for the very fact that it divides societies into classes of ‘haves’ and ‘have-nots’. Its proponents have pointed towards ills of other economic systems and freedom of choice to encourage a laissez faire system. However, in light of the growing global economic inequality and poor standards of living even among sections of citizens in first world countries that have been following capitalism in spirit and law for centuries, certainly does raise a question on capitalism’s flaws and its ability to deliver inclusive growth.

Read full story

Comments / 0