Researchers reveal now fixed hole in Microsoft’s Azure Cosmos DB security

1 min. read

Published onAugust 27, 2021

published onAugust 27, 2021

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

Microsoft has warned Azure customers in a vulnerability in its Cosmos DB cloud database software after a security company found that they could access information from “thousands of companies,”according to Reuters. The security company, Wiz, found that by exploiting a flaw in Jupyter Notebook, an open source project that allows document and code sharing via a web browser. Jupyter Notebook has been around for years, but has been enabled by default for Azure Cosmos DB customers.

There has been “no evidence that the flaw has been exploited,” but researchers at Wiz were able to gain access to encryption keys that then allowed them access to Cosmos DB databases. Microsoft says it “fixed the issue immediately,” and notified customers via email that although the vulnerability is fixed, they would need to change their access keys.

Microsoft has had its share of problems with cybersecurity as ransomware and other attacks on software vulnerabilities are becoming more and more common. This week, tech CEOs met at the White House to discuss cybersecurity with US President Biden, whereMicrosoft pledged $20 billionto advance its security solutions over the next five years.

Kip Kniskern

User forum

0 messages

Sort by:LatestOldestMost Votes

Comment*

Name*

Email*

Commenting as.Not you?

Save information for future comments

Comment

Kip Kniskern

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low#

Copilot in Outlook will generate personalized themes for you to customize the app#

Microsoft will raise the price of its 365 Suite to include AI capabilities#

Death Stranding Director’s Cut is now Xbox X|S at a huge discount#

Outlook will let users create custom account icons so they can tell their accounts apart easier#

Researchers reveal now fixed hole in Microsoft’s Azure Cosmos DB security#

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

Researchers reveal now fixed hole in Microsoft’s Azure Cosmos DB security