{"id":331012,"date":"2021-08-27T06:45:00","date_gmt":"2021-08-27T03:45:00","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/microsoft-warns-cloud-customers-of-flaw-that-may-have-exposed-databases-report\/"},"modified":"2021-08-27T06:45:00","modified_gmt":"2021-08-27T03:45:00","slug":"microsoft-warns-cloud-customers-of-flaw-that-may-have-exposed-databases-report","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/microsoft-warns-cloud-customers-of-flaw-that-may-have-exposed-databases-report\/","title":{"rendered":"#: Microsoft warns cloud customers of flaw that may have exposed databases: report"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_85 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a3872a9600aa\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a3872a9600aa\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/microsoft-warns-cloud-customers-of-flaw-that-may-have-exposed-databases-report\/#Vulnerability_could_have_allowed_intruders_%E2%80%98unrestricted_access_to_databases_of_many_Fortune_500_companies_security_researchers_say\" >Vulnerability could have allowed intruders \u2018unrestricted access\u2019 to databases of many Fortune 500 companies, security researchers say<\/a><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><ul class='ez-toc-list-level-4' ><li class='ez-toc-heading-level-4'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/microsoft-warns-cloud-customers-of-flaw-that-may-have-exposed-databases-report\/#Mike_Murphy\" >Mike Murphy<\/a><\/li><\/ul><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<p>&#8220;<strong>#: Microsoft warns cloud customers of flaw that may have exposed databases: report<\/strong>&#8221;<\/p>\n<h2 class=\"article__subhead\" itemprop=\"alternativeHeadline\"><span class=\"ez-toc-section\" id=\"Vulnerability_could_have_allowed_intruders_%E2%80%98unrestricted_access_to_databases_of_many_Fortune_500_companies_security_researchers_say\"><\/span>\n  Vulnerability could have allowed intruders \u2018unrestricted access\u2019 to databases of many Fortune 500 companies, security researchers say<br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><\/p>\n<div class=\"column column--full article__content\">\n<div class=\"article__side\">\n<div class=\"container--sticky not-active\">\n<div id=\"cx-next\" data-nosnippet>\n              <\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div id=\"js-article__body\" class=\"article__body article-wrap at16-col16 barrons-article-wrap\" itemprop=\"articleBody\" data-sbid=\"WP-MKTW-0000389556\">\n<div class=\"barrons-article-ad-wrapper\">\n<div data-track=\"barrons-article-ad-wrap\" class=\"barrons-article-ad sticky_item\">\n<div class=\"barrons-main-article-ad-target sticky_target body_ad\" aria-hidden=\"true\"><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div data-layout=\"\n                inline\" data-layout-mobile=\"\" class=\"\n          media-object\n          type-InsetArticleReader\n              \n              inline\n  article__inset\n          article__inset--type-InsetArticleReader\n              article__inset--inline\n  \"><\/p>\n<div class=\"media-object-article-reader\">\n<div class=\"audioplayer\" data-sbid=\"WP-MKTW-0000389556\" role=\"region\" aria-label=\"Listen to Article\" tabindex=\"-1\" id=\"articlereader\" data-show-title=\"false\" data-theme=\"wsj-article-reader\" data-show-header=\"false\" data-show-subscribe=\"false\" data-ads-enabled=\"true\" data-save-publication=\"false\">\n        <\/div>\n<\/p><\/div>\n<\/p><\/div>\n<p>       Microsoft Corp. has warned thousands of its cloud customers that their databases may have been exposed to intruders, according to a report Thursday.<\/p>\n<p> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.reuters.com\/technology\/exclusive-microsoft-warns-thousands-cloud-customers-exposed-databases-emails-2021-08-26\/\" class=\"icon none\">Reuters reported<\/a> that Microsoft<br \/>\n        MSFT,<br \/>\n        <bg-quote field=\"percentchange\" format=\"0,000.00%\" channel=\"\/zigman2\/quotes\/207732364\/composite\" class=\"negative\">-0.97%<\/bg-quote><br \/>\n       warned of a major flaw in its flagship Azure Cosmos DB database service, which could allow hackers to read, change or delete data. The vulnerability was discovered by cybersecurity company Wiz, whose chief <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/technology\/\" data-internallinksmanager029f6b8e52c=\"4\" title=\"Technology\" target=\"_blank\" rel=\"noopener\">technology<\/a> officer used to be CTO for Microsoft\u2019s cloud security unit. Microsoft agreed to pay Wiz $40,000 for reporting the flaw, Reuters reported, citing an email.<\/p>\n<div class=\"paywall\">\n       Reuters said it obtained the email Microsoft sent to its cloud customers, which reportedly said the vulnerability has been repaired and that there was no evidence it had been exploited.<\/p>\n<p>The vulnerability centered around security keys that control access to companies\u2019 databases; Microsoft reportedly told thousands of its customers to create new keys, so that any keys that potentially had been obtained by hackers would become useless.<\/p>\n<p>After the Reuters report was published, <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.wiz.io\/blog\/chaosdb-how-we-hacked-thousands-of-azure-customers-databases\" class=\"icon none\">Wiz published a blog post<\/a> detailing how they found the flaw.<\/p>\n<p>\u201cWe were able to gain\u00a0complete unrestricted access to the accounts and databases of several thousand Microsoft Azure customers, including many Fortune 500 companies,\u201d Wiz security researchers Nir Ohfeld and Sagi Tzadik wrote.<\/p>\n<p>They praised Microsoft for its quick response, noting the flaw was fixed within 48 hours of it being reported, but warned that not every Cosmos DB customer may have been notified about the vulnerability.<\/p>\n<p>\u00a0\u201cWe believe many more Cosmos DB customers may be at risk,\u201d the Wiz researchers said. \u201cEvery Cosmos DB account that uses the notebook feature or that was created after February 2021 is potentially exposed. As a precaution, we urge every Cosmos DB customer to take steps to protect their information.\u201d<\/p>\n<p>Microsoft, whose software runs most of the world\u2019s computers, is a frequent target of cybercriminals. Late last year, Microsoft said it was breached as part of the massive SolarWinds hack, and said hackers had viewed some of its source code. A hack of its Exchange email server software compromised tens of thousands of computers earlier this year. <\/p><\/div>\n<\/div><\/div>\n<p><\/p>\n<div class=\"byline article__byline\">\n<p>    <span>By<\/span><\/p>\n<div class=\"author mobile-scrim hasMenu\" data-scrim='{\"type\":\"author\",\"header\":\"Mike Murphy\",\"subhead\":\"The Wall Street Journal\",\"list\":[{\"type\":\"link\",\"icon\":\"bio\",\"url\":\"https:\/\/www.marketwatch.com\/author\/mike-murphy\",\"text\":\"Biography\"},{\"type\":\"link\",\"icon\":\"twitter\",\"url\":\"https:\/\/twitter.com\/mmmmurf\",\"text\":\"@mmmmurf\"},{\"type\":\"link\",\"icon\":\"email\",\"url\":\"mailto:mmurphy@marketwatch.com\",\"text\":\"mmurphy@marketwatch.com\"}]}' itemscope itemprop=\"author\" itemtype=\"http:\/\/schema.org\/Person\">\n<h4 itemprop=\"name\"><span class=\"ez-toc-section\" id=\"Mike_Murphy\"><\/span>Mike Murphy<span class=\"ez-toc-section-end\"><\/span><\/h4>\n<\/p><\/div>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/news\/\" target=\"_blank\" rel=\"noopener\">News category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"http:\/\/www.marketwatch.com\/news\/story.asp?guid=%7B20C05575-04D4-B545-75F1-B44B81EA8D18%7D&#038;siteid=rss&#038;rss=1\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;#: Microsoft warns cloud customers of flaw that may have exposed databases: report&#8221; Vulnerability could have allowed intruders \u2018unrestricted access\u2019 to databases of many Fortune 500 companies, security researchers say Microsoft Corp. has warned thousands of its cloud customers that their databases may have been exposed to intruders, according to a report Thursday. Reuters reported&#8230;<\/p>\n","protected":false},"author":1,"featured_media":331013,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","footnotes":""},"categories":[70897],"tags":[],"class_list":["post-331012","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/331012","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=331012"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/331012\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/331013"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=331012"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=331012"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=331012"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}