Today, Microsoft released a patch for a vulnerability with the worm potential in the SMBv3…
It is believed that hackers could use the bug to execute code in other users’ containers, steal confidential information, and deploy miners and other malware.
Microsoft has already sent out notifications to its customers warning them to change the privileged credentials for containers deployed on the platform before August 31, 2021.
The company stressed that this is only a precautionary measure, since so far no signs of attacks using Azurescape have been found.
Palo Alto Networks experts note that the vulnerability allowed attackers to compromise multi-user Kubernetes clusters hosting ACI.
The problem was easily discovered when it was revealed that ACI was using code released almost five years ago, vulnerable to bugs related to escaping from the container.
Experts also note that the use of CVE-2019-5736 was enough to escape from the container and execute the code with elevated privileges on the base host.
Let me remind you that we also said that Reserchers discovered in Google Cloud, AWS, and Azure Explore 34 Million Vulnerabilities.
News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…
Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…
News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…
Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…
News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…
Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…