Microsoft Warns Clients About Exposed Database1 min read

Microsoft on Thursday cautioned a huge number of its cloud computing clients, including a portion of the world’s biggest companies, that intruders might read, change or even delete their primary databases, as indicated by a duplicate of the email and a cyber security researcher.

The weakness is in Microsoft Azure’s lead Cosmos DB database. A security team at security organization Wiz found it had the option to access keys that control access to databases held by a great many companies. Wiz Chief Technology Officer Ami Luttwak is a previous CTO at Microsoft’s Cloud Security Group.

Read More: Tiktok Enters Into Augmented Reality Market

Luttwak’s team found the problem, dubbed ChaosDB, on Aug. 9 and notified Microsoft on Aug. 12

“We have no indication that external entities outside the researcher (Wiz) had access to the primary read-write key,” according to a copy of the email seen by Reuters.”We fixed this issue immediately to keep our customers safe and protected. We thank the security researchers for working under coordinated vulnerability disclosure,” Microsoft added.

Since Microsoft can’t change those keys without help from anyone else, it messaged the clients Thursday advising them to make new ones. Microsoft consented to pay Wiz $40,000 for discovering the blemish and announcing it, as per an email it shipped off Wiz.

For more updates, be with Markedium.

Get real time updates directly on you device, subscribe now.

You might also like
Notify of

Inline Feedbacks
View all comments
Subscribe to our newsletter
Sign up here to get the latest news, updates and special offers delivered directly to your inbox.
You can unsubscribe at any time

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More

Would love your thoughts, please comment.x


Join our mailing list to receive the latest news and updates from Markedium!

You have Successfully Subscribed!