Flaws as in security vulnerabilities, that is to say. If there’s one thing Microsoft can pride itself on when it comes to Azure, is its reliability and security. But even the most secure of infrastructures can have a hole.
Or two, in this case.
For researchers have found two vulnerabilities in the Azure platform last year, one in the Azure Stack architecture and another in the Azure App Service. Both of these have been fixed by the Redmond based technology giant in quick time.
With that done, Check Point Research analysts who discovered the flaws in the cloud platform detailed their findings in a blog post explaining what was wrong where.
The Israel based firm found out that a user on the Azure network could have potentially taken control over the entire server by exploiting these vulnerabilities, which could have potentially opened a path to business code theft and manipulation.
As explained:
“The Azure Stack Flaw would have enabled a hacker to gain screenshots and sensitive information of machines running on Azure. The Azure App Flaw would have enabled a hacker to take control over the entire Azure server, and consequently take control over an enterprises’ business code.”
The vulnerabilities were discovered throughout 2019, and the company deployed security patches for both flaws by the end of the year. Check Point says that they worked closely with Microsoft to solve these issues, and make the cloud platform more secure.
If you are interested in finding out more details, you can give CVE-2019-1234 and CVE-2019-1372 a scan.