Sunday, December 26, 2021

Microsoft reveals a serious vulnerability hidden in its Azure Cloud

Microsoft, the technology giant of America, has warned all its users that there is a hidden vulnerability hidden in an Azure cloud that could leak user data to hackers. Wiz.io that is into the business of providing security to cloud users was the first to inform Microsoft Security Response Centre (MSRC) about the hidden bug caused by mi-configuration of ‘.git’ folder in the content root, that could accidentally spill information to hackers.

“It is an unintentional error that could allow hackers access files that were not intended to be public,” stated a statement released by the Satya Nadella led company.

Highly placed sources say that the researchers’ team from Wiz notified Microsoft about the bug existing in an Azure cloud in October this year. And the Windows operating system giant informed its customers in December, after it released a fix last month; thus winning a reward of $7,500 from Wiz bug bounty program.

Meanwhile, according to the latest announcement from the Win 11 OS giant, certified & secured server hardware is now available to run Azure Stack HCI and Windows Server 2022 software instances; aimed to counter similar hardware products released by Dell, HP and Lenovo from early this year.

Technically, Secured-Core Products are added with a feature dubbed Dynamic Root of Trust for Measurement that offers a secured boot process free of any kind of tampers, thus maintaining the overall integrity in computing.

Note- In June 2021, Aditi Singh, an Indian woman who is into the field of Cybersecurity, was awarded $30,000 for discovering Remote Code Execution (RCE) bug in the Microsoft’s Azure Cloud platform.

The post Microsoft reveals a serious vulnerability hidden in its Azure Cloud appeared first on Cybersecurity Insiders.


December 27, 2021 at 10:22AM

0 comments:

Post a Comment