Patch Tuesday May 2022 – Microsoft Pledges Fixes and Improvements for Azure Synapse Pipeline and Azure Data Factory

As part of Patch Tuesday May, Microsoft has pledged to release improvements for both Azure Synapse Pipeline and Azure Data Factory. This announcement came shortly after Microsoft disclosed CVE-2022-29972, a vulnerability affecting a Magnitude Simba Amazon Redshift ODBC driver. Microsoft’s currently working alongside a third party to remedy the aforementioned vulnerability and to develop infrastructure improvements for Synapse Pipeline and Data Factory.

Patch Tuesday May – Highlights

Most of Microsoft’s monthly patching effort is focused on the remediation of the Simba Amazon Redshift ODBC driver vulnerability. For those of you unfamiliar with the product, Redshift ODBC and its ‘peer’ JDBC are data access interfaces for various relational databases. Also called connectors, these products allow you to access via SQL-92 all the data stored in Redshift warehouses, map data type in Amazon Redshift and ANSI SQL, provide logging and ODBC tracing, and, of course, establish connections between various BI (Business Intelligence Tools) and the data residing in your Amazon Redshift data warehouse.

According to the threat report issued by Microsoft’s Security Response Center, the vulnerability was first identified and mitigated on the 15th of April 2022. The culprit was a defective ODBC driver developed by an undisclosed third party. As to

Read More: https://heimdalsecurity.com/blog/patch-tuesday-may-2022/