Microsoft fixes critical bugs in secretly installed Azure Linux app

Bleeping Computer -

Microsoft has addressed four critical vulnerabilities collectively known as OMIGOD, found in the Open Management Infrastructure (OMI) software agent silently installed on Azure Linux machines accounting for more than half of Azure instances.

OMI is a software service for IT management with support for most UNIX systems and modern Linux platforms, used by multiple Azure services, including Open Management Suite (OMS), Azure Insights, Azure Automation.

These vulnerabilities were found by cloud security firm Wiz researchers Nir Ohfeld and Shir Tamari, who dubbed them OMIGOD.

“Problematically, this ‘secret’ agent is both widely used (because it is open source) and completely invisible to customers as its usage within Azure is completely undocumented,” Ohfeld said.

Millions of endpoints exposed to attacks

The researchers “conservatively estimate” that thousands of Azure customers and millions of endpoints are impacted by these security flaws:

CVE-2021-38647 – Unauthenticated RCE as root (Severity: 9.8/10) CVE-2021-38648 – Privilege Escalation vulnerability (Severity: 7.8/10)

The post Microsoft fixes critical bugs in secretly installed Azure Linux app first appeared first on Bleeping Computer.

Read More.....