There is a new Microsoft Azure vulnerability. Palo Alto researchers found a problem in Microsoft Azure Fabric, which is complicating their obstacles they already are dealing with. Azure Service Fabric is Microsoft’s “platform-as-a-service and a container orchestrator solution used to build and deploy cloud-based applications across a cluster of machines.” The newly discovered ‘FabricScape’ bug within Microsoft Azure will impact Linux workloads.
This vulnerability lets Linux containers escalate their privileges to gain root privileges on a node and then compromise all the nodes in a cluster. Due to this, hackers area able to corrupt files and gain deep control. This vulnerability is of important severity in their service as it is widely used. Microsofts Service Fabric hosts more than 1 million applications, runs millions of cores daily, and powers most Azure offerings.
Microsoft advises organizations using the service to review containerized workloads in Linux and Windows environments. MSPs warn those using Microsoft Azure to enable automatic updates and use the latest patches of the applications. There is a large risk of organization who use this service as it can put the users and their data at danger. As the company issues a patch on the FabricScape vulnerability, it shows to affect multiple Azure products, heightening their concerns while managing other responsibilities.
Source; SmarterMSP