NewsWorldMicrosoft's cloud has been compromised, thousands of customers potentially...

Microsoft’s cloud has been compromised, thousands of customers potentially affected – Frandroid


A security breach has compromised Microsoft’s cloud. Some of the largest companies in the world are said to be affected by the problem.

This is a problem Microsoft would have liked to have done without. The firm was forced to warn thousands of customers of its cloud services of a major security problem: intruders would have had the possibility by exploiting a flaw to access, modify or delete their databases. These customers include some of the biggest companies in the world. The stakes are therefore of the highest level.

Keys left on the door

It was a security research team from the company Wiz that discovered this flaw and informed about it. Microsoft as quickly as possible. It concerns Cosmos DB, a flagship of Microsoft Azure when it comes to database management. Without further details, the team managed to find a way to access Microsoft customer database access keys. According to Ami Luttwak, representative of Wiz, it is quite simply ” the worst cloud vulnerability imaginable “. He adds ” this is the central Azure database and we could access any customer database we wanted “.

The worst cloud vulnerability imaginable.

Such a key gives full access to the database, in the same way as its legitimate owner, and makes it possible to modify or delete it entirely, or to read its content. The problem is therefore of the highest level since we could read the confidential data of particularly powerful companies.

For the discovery of this flaw, the company Wiz announces that it has received 40,000 dollars from Microsoft.

The flaw corrected, the solution in the hands of customers

Microsoft teams claim to have corrected the security flaw called ChaosDB, which allowed access to these keys. Problem: the firm itself cannot modify the compromised keys and therefore contacted on Thursday the customers they believe to be potentially victims of the problem to ask them to modify the key. According to Wiz, however, Microsoft would only have contacted the companies affected by the month in which the Wiz team discovered the vulnerability, which already existed before.

Microsoft is experiencing a lot of setbacks at the moment concerning the security of its products. It was thus discovered that plugging in a simple Razer mouse was enough to take control of a PC, and Windows suffered the full brunt of the PrintNightmare flaw in recent months.


Comments are closed.

Latest news

Six takeaways from primaries in Georgia, Alabama, Arkansas and Texas

Why the Georgia primary is key for Trump 2:34 (CNN) -- Republican voters in Georgia demonstrated Tuesday that...

PSG: Ceferin “tired” of criticism from Real and La Liga after Mbappé’s extension – RMC Sport

Asked by the BBC about the reaction of Real Madrid and La Liga after Kylian Mbappé's extension to Paris...

Covid today Lazio, 2,436 infections: 1,293 cases in Rome

There are 2,436 new coronavirus infections today 25 May in Lazio, according to data from the latest covid-19 bulletin....

Zlatan Ibrahimovic (AC Milan) absent for “7 to 8 months”

While AC Milan fans are still celebrating the title of Italian champion acquired on Sunday, Zlatan Ibrahimovic has...

Palermo, anti-mafia operation

(Adnkronos) - 9 people arrested in Palermo

You might also likeRELATED
Recommended to you