Vulnerabilities Found Inside Azure-Linked Managed Database Service

It’s not unheard of for some threats to remain undiscovered for months or even years, as is the case with a particularly nasty one in the Microsoft Azure database system. This vulnerability, discovered by cloud security provider Wiz, affects Cosmos DB, Microsoft Azure’s managed database service. Let’s take a look at the vulnerability and see what we can learn from it.

The vulnerability is called ChaosDB and is capable of providing read and write access to just about every database on the service. No evidence indicates that it was used by hackers or attackers, but it is still a major problem and one that you should be aware of. The vulnerability comes about as a result of how the database handles primary keys and how Microsoft deployed the default settings for one of its services.

The service in question, Jupyter Notebook, is a feature found in Cosmos DB. Wiz found that this feature was enabled automatically for all instances of Cosmos DB in the month of February 2021, but this issue could go as far back as 2019 when Jupyter first became a feature. A misconfigured setting within Jupyter allows users to obtain the primary keys for other users of Cosmos DB. Since the primary keys give the holder the ability to read, write, and delete data on the database, it is a pretty serious issue.

Primary keys are credentials that do not expire, so if malicious entities get ahold of them, the only solution is to rotate them so that they are no longer useful to whoever steals them. If this is not done, then anyone who has obtained the primary key can potentially gain escalated privileges. Wiz recommends that all users who have Jupyter enabled on their service rotate their keys, no matter how long they have used the service.
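One way to carry out that rotation without locking applications out, shown here as an added example (not from the original post, Wiz, or Microsoft): regenerate the secondary keys first, move applications onto them, then regenerate the primary keys. The account and resource group names are placeholders, and the script only prints the `az` commands unless `DRY_RUN=0` is set.

```shell
#!/usr/bin/env bash
# Added example: staged rotation of all four Cosmos DB account keys.
# Account and resource-group names are placeholders supplied by the caller.
# DRY_RUN=1 (the default) prints each az command instead of running it.

DRY_RUN="${DRY_RUN:-1}"

run() {
    if [ "$DRY_RUN" = "1" ]; then
        printf '%s\n' "$*"
    else
        "$@"
    fi
}

# regen <account> <resource-group> <key-kind>
regen() {
    run az cosmosdb keys regenerate \
        --name "$1" --resource-group "$2" --key-kind "$3"
}

# Phase 1: regenerate the keys applications are NOT currently using,
# so there is a fresh credential to migrate to.
rotate_phase1() {
    regen "$1" "$2" secondary
    regen "$1" "$2" secondaryReadonly
}

# Phase 2: run only after every application has been redeployed with the
# new secondary keys. This is the step that invalidates the old primary
# keys, i.e. the non-expiring credentials the article is concerned with.
rotate_phase2() {
    regen "$1" "$2" primary
    regen "$1" "$2" primaryReadonly
}

# Usage: ./rotate.sh phase1 <account> <resource-group>
#        ./rotate.sh phase2 <account> <resource-group>
case "${1:-}" in
    phase1|phase2) "rotate_$1" "$2" "$3" ;;
esac
```

After phase 2, all four keys differ from any value that existed before the rotation; applications can stay on the secondary keys or be moved back to the new primary ones.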

Microsoft has since disabled the vulnerability that allowed for ChaosDB, but the company doubled down on the fact that it cannot change the primary keys, instead urging customers to rotate the keys themselves. Microsoft has also issued a warning to affected customers, who amount to about one-third of the service’s user base, along with instructions on how to limit the risks associated with this vulnerability.

Again, it is extraordinarily important that you prioritize security configurations for your business technology, as you could unknowingly be placing your business’ data or privacy at risk. To remove the guesswork, get White Mountain IT Services on board to give you a hand. We can assist with any configurations your technology needs to remain secure. To learn more, reach out to us at 603-889-0800.
