Tuesday, June 14, 2022

Botched and silent patches from Microsoft put customers at risk, critics say


Shadowy figures stand beneath a Microsoft logo on a faux wood wall.

Enlarge (credit: Drew Angerer | Getty Images)

Blame is mounting on Microsoft for what critics say is a lack of transparency and adequate speed when responding to reports of vulnerabilities threatening its customers, security professionals said.

Microsoft's latest failing came to light on Tuesday in a post that showed Microsoft taking five months and three patches before successfully fixing a critical vulnerability in Azure. Orca Security first informed Microsoft in early January of the flaw, which resided in the Synapse Analytics component of the cloud service and also affected the Azure Data Factory. It gave anyone with an Azure account the ability to access the resources of other customers.

From there, Orca Security researcher Tzah Pahima said, an attacker could:

Read 8 remaining paragraphs | Comments

Reference : https://ift.tt/YQg1kjv

No comments:

Post a Comment

The Forgotten Story of How IBM Invented the Automated Fab

In 1970, Bill Harding envisioned a fully automated wafer-fabrication line that would produce integrated circuits in less than one day. N...