Reply to post • OMIGOD, Microsoft's secret agent that compromises Linux • The Register Forums

Wednesday 15th September 2021 03:16 GMT A random security guy

OMIGOD, Microsoft's secret agent that compromises Linux

Microsoft just can't seem to get it right.

From: https://www.wiz.io/blog/secret-agent-exposes-azure-customers-to-unauthorized-code-execution

"When customers set up a Linux virtual machine in their cloud, the OMI agent is automatically deployed without their knowledge when they enable certain Azure services. Unless a patch is applied, attackers can easily exploit these four vulnerabilities to escalate to root privileges and remotely execute malicious code (for instance, encrypting files for ransom)."

Today Microsoft issued the following CVEs for OMIGOD and made a patch available to customers during their Patch Tuesday release:

CVE-2021-38647 – Unauthenticated RCE as root (Severity: 9.8)

CVE-2021-38648 – Privilege Escalation vulnerability (Severity: 7.8)

CVE-2021-38645 – Privilege Escalation vulnerability (Severity: 7.8)

CVE-2021-38649 – Privilege Escalation vulnerability (Severity: 7.0)

Topics

Special Features

Vendor Voice

Resources

User topics

Article topics

Reply to post: OMIGOD, Microsoft's secret agent that compromises Linux

Microsoft's end-of-summer software security cleanse crushes more than 80 bugs

OMIGOD, Microsoft's secret agent that compromises Linux

POST COMMENT House rules

Enter your comment

Add an icon

About Us

Our Websites

Your Privacy