Article
Cloud & Cybersecurity

Microsoft warns of exposed databases

By Laura Berrill
August 27, 2021
undefined mins
Microsoft warns thousands of cloud customers of exposed databases, email shows

Microsoft has warned today thousands of its cloud computing customers - including some of the world’s largest companies - that intruders could have the ability to read, change or even delete their main databases, according to a copy of an email sent to them.

The vulnerability is in Microsoft Azure’s flagship Cosmos database. A research team at security company Wiz discovered it was able to access keys that control access to databases held by thousands of companies. The Wiz Chief Technology Officer, Ami Luttwak, is also a former chief technology officer at Microsoft’s Cloud Security Group.

Because Microsoft cannot change those keys by itself, it emailed the customers Thursday telling them to create new ones. Microsoft agreed to pay Wiz $40,000 for finding the flaw and reporting it, according to an email it sent to Wiz.

Microsoft spokespeople had not commented at the time of publication.

Conflicting security views

The company’s email to customers said it has fixed the vulnerability and that there was no evidence the flaw had been exploited.  It said there was ‘no indication that external entities outside the researcher (Wiz) had access to the primary read-write key’ - this is according to a copy of the email seen by news agency Reuters.

But Luttwak told Reuters: “This is the worst cloud vulnerability you can imagine. It is a long-lasting secret. This is the central database of Azure, and we were able to get access to any customer database that we wanted.”

Luttwak’s team found the problem, dubbed ChaosDB, on Aug. 9 and notified Microsoft Aug. 12, Luttwak added.

The latest in poor security news for Microsoft

This latest disclosure comes after months of bad security news for Microsoft. The company was breached by the same suspected Russian government hackers that infiltrated SolarWinds, who stole Microsoft source code.

Additionally, one recent fix for a printer flaw that allowed computer takeovers had to be redone repeatedly. And an Exchange email flaw last week prompted an urgent U.S. government warning that its customers needed to install patches issued months ago because ransomware gangs are now exploiting the flaw.

 

CloudCybersecuritydatabaseTechnology
Share
Share

Featured Articles

Google’s Becky Power joins Tech & AI LIVE London

Becky Power, Managing Director of EMEA Strategy and Operations at Google, to speak at Tech & AI LIVE London

Join Belden for a Free Webinar on Connected Plant Floor Data

On Wednesday 8th May, Belden's Mike Fisher, Arnaud Raymond & Ryan Buckner invite you to a webinar to discuss network redesign & hardware transformation

Microsoft Invests $1.7bn in Indonesia's Cloud and AI Future

Microsoft investment includes new cloud and AI infrastructure, major AI skilling initiatives and support for Indonesia’s growing developer community

Microsoft & Alphabet: AI and Cloud Strategy Driving Success

IT Procurement

Vodafone’s Maria Grazia Pecorari joins Tech & AI LIVE London

Digital Transformation

How Alteryx Aims to Bring Data Analytics Skills to All

Data & Data Analytics