![]() ![]() The services include Azure Automation, Azure Automatic Update, Azure Operations Management Suite, Azure Log Analytics, Azure Configuration Management, and Azure Diagnostics, a list that is probably far from complete. When Microsoft Azure users create a Linux virtual machine and enable a series of services, OMI -vulnerabilities and all - deploys in the system automatically. These three vulnerabilities score high on the CVSS. One of them, CVE-2021-38647, allows remote code execution (RCE) and is critical, and the other three, CVE-2021-38648, CVE-2021-38645, and CVE-2021-38649, can be used for privilege escalation (LPE) in multistage attacks when attackers have penetrated a victim’s network in advance. On September’s Patch Tuesday, Microsoft released security updates for four vulnerabilities in the Open Management Infrastructure agent. ![]() Vulnerabilities in the Open Management Infrastructure, and how attackers can exploit them Until Microsoft solves this problem on its end, organizations using Linux virtual machines on Azure will need to take action. The user won’t know it.Īlthough a stealth installation might sound terrible on its face, this one actually wouldn’t be so bad were it not for two issues: First, the agent has known vulnerabilities, and second, the agent has no automatic update mechanism in Azure. News has surfaced of a rather dangerous practice in Microsoft Azure, whereby when a user creates a Linux virtual machine and enables certain Azure services, the Azure platform automatically installs the Open Management Infrastructure (OMI) agent on the machine. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |