Microsoft warns thousands of cloud customers of exposed databases

Platform Industry: Microsoft logo

Microsoft has warned thousands of its cloud computing customers, including some of the world’s largest companies, that intruders could have the ability to read, change or even delete their main databases, according to a copy of the email and a cyber security researcher.

The vulnerability is in Microsoft Azure’s flagship Cosmos database. A research team at security company Wiz discovered it was able to access keys that control access to databases held by thousands of companies. Wiz CTO Ami Luttwak is a former CTO at Microsoft’s Cloud Security Group.

Because Microsoft cannot change those keys by itself, it emailed the customers Thursday telling them to create new ones. Microsoft agreed to pay Wiz $40,000 for finding the flaw and reporting it, according to an email it sent to Wiz.

Microsoft spokespeople did not immediately comment.

Microsoft’s email to customers said it has fixed the vulnerability and that there was no evidence the flaw had been exploited. “We have no indication that external entities outside the researcher (Wiz) had access to the primary read-write key,” according to a copy of the email seen by journalists.

“This is the worst cloud vulnerability you can imagine. It is a long-lasting secret,” Luttwak told journalists at our partner news agency Reuters. “This is the central database of Azure, and we were able to get access to any customer database that we wanted.”

Related Article:
Dutch watchdog finds Apple app store payment rules anti-competitive

Luttwak’s team found the problem, dubbed ChaosDB, on Aug. 9 and notified Microsoft Aug. 12, Luttwak said.

The disclosure comes after months of bad security news for Microsoft. The company was breached by the same suspected Russian government hackers that infiltrated SolarWinds, who stole Microsoft source code.

A recent fix for a printer flaw that allowed computer takeovers had to be redone repeatedly. And an Exchange email flaw last week prompted an urgent US government warning that customers need to install patches issued months ago because ransomware gangs are now exploiting it.

The team at Platform Executive hope you have enjoyed the ‘Microsoft warns thousands of cloud customers of exposed databases‘ article. Automatic translation from English to a growing list of languages via Google AI Cloud Translation. Initial reporting via our official content partners at Thomson Reuters. Reporting by Joseph Menn. Editing by William Mallard.

You can stay on top of all the latest developments across the platform economy, find solutions to your key challenges and gain access to our problem-solving toolkit and proprietary databases by becoming a member of our growing community. For a limited time, our subscription plans start from just $16 per month. What are you waiting for?

Related Article:
Zoom, Five9 to terminate nearly $15 billion all-stock deal after shareholder vote
Share this Article