Microsoft Says Nothing Bad Happened Due to the Azure Container Instances Blunder

  • Microsoft states its internal investigation reveals no troubling evidence as no instances were maliciously accessed.
  • The only compromised databases appear to be those accessed by Wiz researchers, who discovered the flaw.
  • The Azure vulnerability has been fixed now and clients who haven’t received a notification don’t need to do anything.

About two weeks ago, researchers at Wiz disclosed finding a critical flaw in Azure Container databases that made it possible for users to gain complete unrestricted access to the accounts and instances of other users. Since the entities that use Microsoft Azure are typically large corporations, the implications of this lapse could be dire. However, as Microsoft states now, the vulnerability hasn’t caused any actual damage to anyone, and the firm’s investigators haven’t found any signs of malicious access affecting any of the vulnerable customers.

Those who have received a notification on how to secure their ACI (Azure Container Instances) should revoke any privileged credentials deployed prior to August 31, 2021, and apply the best security practices that are laid out on the platform’s website. Note that revoking privileged credentials frequently is a standard security practice that should be followed anyway. Those who haven’t received a notification don’t need to do anything at all and should be totally safe from unauthorized access. The vulnerability has been fixed now. If you’re unsure about something or if you may have missed the alert, you are advised to contact Azure Support.

The issue with the bug discovered by Wiz is that it’s the second-worst possible scenario for cloud computing, only after leaving a database online without setting a password to protect it. The second worrying element is that the flaw has existed since 2019, as it was introduced through the ‘Jupyter Notebook’ feature. However, Microsoft only made this active by default in February 2021, so not all ACI were vulnerable to unauthorized access. Still, the period of exposure is alarmingly lengthy.

Microsoft disabled the feature 48 hours after being alerted by Wiz, and at that time, it was active in 30% of its Azure userbase. The notifications were distributed only to those who were affected by Wiz’s research and had their databases accessed by the white-hat hackers. As such, not the entire 30% has been advised to rotate and regenerate their access keys, even if they should.

The tech giant is now assuring everyone that nothing bad has happened and everything has been fixed already, so they’re playing down the incident in the boldest possible way. Of course, we would never dispute Microsoft’s internal investigation findings, but you should follow the recommended security practices out of an abundance of caution.
