Microsoft Mitigates Three Vulnerabilities in Azure HDInsight

Microsoft recently remediated one Denial of Service and two Escalation of Privilege vulnerabilities affecting third party components of Azure HDInsight.
The Microsoft Security Response Center continually works with security researchers who discover security vulnerabilities in our products and services.
These vulnerabilities were originally identified through independent testing conducted by Orca Security and reported to MSRC via our Coordinated Vulnerability Disclosure process.
Microsoft released fixes for two vulnerabilities in October.
The denial of service vulnerability fix was included in the latest Azure HDInsight release as a defense-in-depth fix.
Microsoft has not observed exploitation of these vulnerabilities beyond the proofs-of-concept provided by the researcher.
Customers are encouraged to deploy the latest HDInsight image 2310140056 which has fixes for these three vulnerabilities.
NSG separation between tenant subnets prevents cross-tenant vulnerability risk to HDInsight clusters.
Our security team engages in vulnerability variant hunting to identify security anti-patterns that lead to vulnerabilities across our products and services.
To further strengthen the security of HDInsight, and all Microsoft products, we continuously upgrade our static analysis rules to detect and mitigate bugs early in the product pipeline.
As part of our learnings from the vulnerabilities identified by Orca Security, the HDInsight team will conduct a comprehensive security review of our critical open-source dependencies, including Apache Ambari, Apache Oozie, and others.
Orca Security reported two Elevation of Privilege and one Denial of Service vulnerability affecting Azure HDInsight in July and August 2023.
After analyzing the vulnerability report, we contacted the Apache security team on October 4, 2023, and have been in coordination since.
All three vulnerabilities were mitigated and customers are encouraged to deploy the latest HDInsight image 2310140056 that has the fixes for these three vulnerabilities.
Microsoft has no evidence of these vulnerabilities being exploited in HDInsight outside of the proof of concepts from the researcher.
These vulnerabilities were demonstrated by Orca Security and reproduced by Microsoft security teams before being mitigated.
Microsoft continually invests in proactive efforts to identify, mitigate, and prevent security vulnerabilities across our services, including making improvements to our analysis tools, performing proactive variant hunting, and strengthening our SDL controls to catch security flaws early in the development cycle.
We encourage all researchers to work with vendors under Coordinated Vulnerability Disclosure and abide by the rules of engagement for penetration testing to avoid impacting customer data while conducting security research.
Researchers who report security issues to the Microsoft Security Response Center are eligible to participate in Microsoft's Bug Bounty Program.
Get notified when a potential security event impacts your Azure resources by configuring Service Health alerts in the Azure Portal.


This Cyber News was published on msrc.microsoft.com. Publication date: Thu, 07 Dec 2023 14:43:05 +0000


Cyber News related to Microsoft Mitigates Three Vulnerabilities in Azure HDInsight

Microsoft Mitigates Three Vulnerabilities in Azure HDInsight - Microsoft recently remediated one Denial of Service and two Escalation of Privilege vulnerabilities affecting third party components of Azure HDInsight. The Microsoft Security Response Center continually works with security researchers who discover ...
11 months ago Msrc.microsoft.com
What is Azure Identity Protection and 7 Steps to a Seamless Setup - As a result, tools such as Microsoft's Azure Identity Protection have become a staple in protecting against compromised identities, account takeover, and misuse of privileges. Azure Identity Protection is a security service that provides a robust ...
5 months ago Securityboulevard.com
Five business use cases for evaluating Azure Virtual WAN security solutions - To help organizations who are evaluating security solutions to protect their Virtual WAN deployments, this article considers five business use cases and explains how Check Point enhances and complements Azure security with its best-of-breed, ...
5 months ago Blog.checkpoint.com
Microsoft fixes critical Azure CLI flaw that leaked credentials in logs - Microsoft has fixed a critical security vulnerability that could let attackers steal credentials from GitHub Actions or Azure DevOps logs created using Azure CLI. The vulnerability was reported by security researchers with Palo Alto's Prisma Cloud. ...
11 months ago Bleepingcomputer.com
Azure Service Tags tagged as security risk, Microsoft disagrees - Security researchers at Tenable discovered what they describe as a high-severity vulnerability in Azure Service Tag that could allow attackers to access customers' private data. Service Tags are groups of IP addresses for a specific Azure service ...
4 months ago Bleepingcomputer.com
Microsoft Incident Response lessons on preventing cloud identity compromise - Microsoft Incident Response is often engaged in cases where organizations have lost control of their Microsoft Entra ID tenant, due to a combination of misconfiguration, administrative oversight, exclusions to security policies, or insufficient ...
11 months ago Microsoft.com
Azure MACC Credits Gathering Dust? Use Them to Get the Best Prevention-First Security - As we enter 2024, your organization may have unused MACC or Azure commit-to-consume credits as your annual renewal date draws near. Whether you have credits that will soon expire or are starting to plan your Azure spend for the next 12 months, Check ...
9 months ago Blog.checkpoint.com
Microsoft extends Windows Server 2012 ESUs to October 2026 - Microsoft provides three more years of Windows Server 2012 Extended Security Updates until October 2026, giving administrators more time to upgrade or migrate to Azure. The company also prolonged the end date for Windows Server 2012 and extended ...
11 months ago Bleepingcomputer.com
Azure Serial Console Attack and Defense - This is the second installment of the Azure Serial Console blog, which provides insights to improve defenders' preparedness when investigating Azure Serial Console activity on Azure Linux virtual machines. While the first blog post discussed various ...
10 months ago Msrc.microsoft.com
Fortifying confidential computing in Microsoft Azure - I wrote about how Microsoft used Intel's secure extensions to its processor instruction sets to provide a foundation for confidential computing in Azure a few years ago. In the years since, the confidential computing market has taken a few steps ...
10 months ago Infoworld.com
Explore How Emojideploy Botnet Exploited Microsoft Azure for Remote Code Execution - As cloud computing gains more popularity among businesses, the threat of cyber-attack surfaces to the fore. Microsoft Azure is not immune to security issues, as the recent exploit involving Emojideploy Botnet demonstrates. In this article, we will ...
1 year ago Securityaffairs.com
Signing Executables With Azure DevOps - This signing tool is compatible with all major executable files and works impeccably with all OV and EV code signing certificates. It's mostly used with Azure DevOps due to the benefit of Azure Key Vault. Here, you will undergo the complete procedure ...
10 months ago Feeds.dzone.com
New Microsoft Incident Response guides help security teams analyze suspicious activity - Today Microsoft Incident Response are proud to introduce two one-page guides to help security teams investigate suspicious activity in Microsoft 365 and Microsoft Entra. These guides contain the artifacts that Microsoft Incident Response hunts for ...
9 months ago Microsoft.com
Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation - Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Cybersecurity company SafeBreach said it discovered three ...
11 months ago Thehackernews.com
Comprehensive Cloud Monitoring Platforms: Ensuring - Platforms for comprehensive cloud monitoring come into play in this situation. In this article, we will explore the significance of comprehensive cloud monitoring platforms and delve into some leading solutions available in the market today. ...
11 months ago Feeds.dzone.com
Microsoft Disables Verified Partner Accounts Used for OAuth Phishing - Microsoft has disabled multiple fraudulent, verified Microsoft Partner Network accounts for creating malicious OAuth applications that breached organizations cloud environments to steal email. In a joint announcement between Microsoft and Proofpoint, ...
1 year ago Bleepingcomputer.com
How to manage a migration to Microsoft Entra ID - Microsoft Entra ID, formerly Azure Active Directory, is not a direct replacement for on-premises Active Directory due to feature gaps and alternative ways to perform similar identity and access management tasks. For some organizations, a move to ...
10 months ago Techtarget.com
Microsoft Services Down: Xbox, Azure, Teams, Office 365 Experiencing Technical Difficulties - Microsoft services including Xbox, Azure and Office 365 are reportedly down. Several Microsoft users have started to complain about technical difficulties online. Many of them have mentioned that they can no longer sign in to Xbox and other Microsoft ...
1 year ago Hackread.com
Navigating Microsoft's Innovations For 2023: Get Up to Date With The Latest Developments - In the world of digital technology, staying up-to-date with the latest advancements and innovations is becoming increasingly important. As one of the leading technology companies in the world, Microsoft is constantly introducing new innovations in ...
1 year ago Hackread.com
Microsoft to start enforcing Azure multi-factor authentication in July - Starting in July, Microsoft will begin gradually enforcing multi-factor authentication for all users signing into Azure to administer resources. After first completing the rollout for the Azure portal, the MFA enforcement will see a similar rollout ...
5 months ago Bleepingcomputer.com
Discovering SSRF Flaws in Microsoft Azure Services - Microsoft Azure is an incredibly popular cloud computing platform and its services are used around the world. Recently, security researchers uncovered several Server-Side Request Forgery (SSRF) flaws in many of Microsoft Azure’s services. This type ...
1 year ago Securityaffairs.com
Criminal IP ASM: A new cybersecurity listing on Microsoft Azure - AI SPERA, a leader in Cyber Threat Intelligence-based solutions, today announced that Criminal IP ASM is now available on the Microsoft Azure Marketplace. As an officially certified ISV partner of Microsoft, AI SPERA offers services and technology ...
9 months ago Bleepingcomputer.com
Microsoft Patch Tuesday 2024: 49 Vulnerabilities are fixed - Microsoft released its first patch on Tuesday, 2024, in which nearly 49 vulnerabilities have been fixed in Microsoft products and 5 vulnerabilities in non-Microsoft products. Among these 49 vulnerabilities, there were 12 remote code execution ...
9 months ago Cybersecuritynews.com
CISA orders agencies impacted by Microsoft hack to mitigate risks - CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group. It requires them to investigate potentially ...
6 months ago Bleepingcomputer.com
Attackers Exploit Microsoft Security-Bypass Zero-Day Bugs - Microsoft's scheduled Patch Tuesday security update for February includes fixes for two zero-day security vulnerabilities under active attack, plus 71 other flaws across a wide range of its products. In all, five of the vulnerabilities for which ...
8 months ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)