Microsoft Azure cloud vulnerability is the ‘worst you can imagine’

Another day, another major Microsoft vulnerability. | Illustration by Alex Castro / The Verge

Microsoft has warned thousands of its Azure cloud computing customers, including many Fortune 500 companies, about a vulnerability that left their data completely exposed for the last two years.

A flaw in Microsoft’s Azure Cosmos DB database product left more than 3,300 Azure customers open to complete unrestricted access by attackers. The vulnerability was introduced in 2019 when Microsoft added a data visualization feature called Jupyter Notebook to Cosmos DB. The feature was turned on by default for all Cosmos DBs in February 2021.

A listing of Azure Cosmos DB clients includes companies like Coca Cola, Liberty Mutual Insurance, ExxonMobil, and Walgreens, to name just a few.

Continue reading…



from The Verge - All Posts https://ift.tt/3BbOKqe

Comments