Tech »  Topic »  WTF? Microsoft makes fixing deadly OMIGOD flaws on Azure your job

WTF? Microsoft makes fixing deadly OMIGOD flaws on Azure your job


Microsoft Azure users running Linux VMs in the IT giant's Azure cloud need to take action to protect themselves against the four "OMIGOD" bugs in the Open Management Infrastructure (OMI) framework, because Microsoft hasn't raced to do it for them.

As The Register outlined in our report on this month's Patch Tuesday release, Microsoft included fixes for flaws security outfit Wiz spotted in OMI. Wiz named the four flaws OMIGOD because they are jaw-droppers.

The least severe of the flaws is rated 7/10 on the Common Vulnerability Scoring System. The worst is rated critical at 9.8/10.

Complicating matters is that running OMI is not something Azure users actively choose.

As Wiz explained: "When customers set up a Linux virtual machine in [Azure], the OMI agent is automatically deployed without their knowledge when they enable certain Azure services.

"Unless a patch is applied, attackers can ...


Copyright of this story solely belongs to theregister.co.uk . To see the full text click HERE