Microsoft has mitigated an Azure Container Instances (ACI) vulnerability, the cloud software company disclosed. Without the fix, the vulnerability could potentially allow a user to access other customers’ information in the ACI service, Microsoft added.
Cybersecurity company Palo Alto Networks reported the vulnerability and worked with the Microsoft Security Response Center (MSRC) under Coordinated Vulnerability Disclosure (CVD) to help keep Microsoft customers safe, the companies say.
This is the second Azure-related vulnerability that Microsoft has fixed in recent weeks. The other involved a critical Azure Cosmos database vulnerability called ChaosDB, which was discovered by cloud security startup Wiz.
Still, Microsoft is downplaying the potential impact of the latest bug. The blog about the ACI vulnerability and associated fix states:
"Our investigation surfaced no unauthorized access to customer data. Out of an abundance of caution we notified customers with containers running on the same clusters as the researchers via Service Health Notifications in the Azure Portal. If you did not receive a notification, no action is required with respect to this vulnerability."
Microsoft ACI Vulnerability: How MSSPs Can Help Customers
How should MSSP and MSPs that support Azure customers proceed? First, check to see if your customers received a Microsoft notification about the vulnerability. If so, MSSPs and MSPs should "revoke any privileged credential that were deployed to the platform before August 31, 2021," Microsoft says.
If a customer is unsure about whether a subscription or organization has received a notification, Microsoft has advised such organizations to contact Azure Support.