“With a single packet, an attacker can become root on a remote machine by simply removing the authentication header.” ‘ Unfortunately, Microsoft can’t fix it for you. Users affected by these vulnerabilities must manually update the OMI agent to the patched versions.
Microsoft on Tuesday addressed a quartet of security flaws as part of its Patch Tuesday updates that could be abused by adversaries to target Azure cloud customers and elevate privileges as well as allow for remote takeover of vulnerable systems.
The list of flaws, collectively called OMIGOD by researchers from Wiz, affect a little-known software agent called Open Management Infrastructure that’s automatically deployed in many Azure services
Open Management Infrastructure (OMI) is an open-source analogous equivalent of Windows Management Infrastructure (WMI) but designed for Linux and UNIX systems such as CentOS, Debian, Oracle Linux, Red Hat Enterprise Linux Server, SUSE Linux, and Ubuntu that allows for monitoring, inventory management, and syncing configurations across IT environments.
Critical flaws discovered in an Azure app that Microsoft secretly installed on Linux virtual machines.
Comments are closed.