Active Stocks
Mon Dec 09 2024 12:44:02
  1. Tata Steel share price
  2. 147.40 -0.57%
  1. Power Grid Corporation Of India share price
  2. 328.95 0.00%
  1. ITC share price
  2. 466.30 -1.05%
  1. State Bank Of India share price
  2. 862.80 -0.14%
  1. Tata Motors share price
  2. 805.25 -1.41%
Business News/ Technology / News/  Microsoft tells customers to change digital access keys
BackBack

Microsoft tells customers to change digital access keys

Security researchers from a company called Wiz had informed the technology giant that a loophole in their systems allowed hackers to access the keys that would control access to companies’ databases held in Microsoft’s Cosmos DB database

Wiz also detailed ways for Microsoft’s customers to find out whether their internal systems may be affected. (AP)Premium
Wiz also detailed ways for Microsoft’s customers to find out whether their internal systems may be affected. (AP)

NEW DELHI:Last week, tech giant Microsoft asked many of its customers to update the access keys to their databases held in the company’s Azure cloud service. Security researchers from a company called Wiz had informed the technology giant that a loophole in their systems allowed hackers to access the keys that would control access to companies’ databases held in Microsoft’s Cosmos DB database.

In an updated blog post, the security firm also detailed ways for Microsoft’s customers to find out whether their internal systems may be affected.

“There are two main remediation steps to perform. The first is to replace the CosmosDB primary keys and the second step is to reduce network exposure of CosmosDB accounts as much as possible," the researchers said in the updated blog post. “For the key regeneration, the security teams should ask all DB owners to replace their primary keys as explained below and they can use the powershell script attached below for monitoring of the key upgrade process.

In an earlier post on 26 August, the researchers had said that the vulnerability in Microsoft’s systems could allow hackers “unrestricted access" to accounts and databases of “several thousand Microsoft Azure customers, including many Fortune 500 companies. Reuters reported that Microsoft had paid the company $40,000 for responsibly reporting the leak to the company.

“Microsoft’s Security Team deserves enormous credit for taking immediate action to address the problem. We rarely see security teams move so fast! They disabled the vulnerable notebook feature within 48 hours after we reported it. It’s still turned off for all customers pending a security redesign," the blog post from Wiz said.

3.6 Crore Indians visited in a single day choosing us as India's undisputed platform for General Election Results. Explore the latest updates here!

Catch all the Technology News and Updates on Live Mint. Download The Mint News App to get Daily Market Updates & Live Business News.
More Less
Published: 30 Aug 2021, 06:15 PM IST
Next Story footLogo
Recommended For You