DHS urges Microsoft customers to update Azure to avoid security flaw

Customer data may have been exposed, CISA warns.

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency is urging Microsoft cloud customers to reset their security keys in light of a recent vulnerability that may have exposed customer data.

The flaw, discovered by researchers at Wiz, would have allowed any customer using Microsoft’s Azure Cosmos database to read, write and delete another user’s information without authorization. Cosmos DB is used by thousands of organizations, including Coca-Cola, Exxon Mobil and a number of other Fortune 500 companies.

“Although the misconfiguration appears to have been fixed within the Azure cloud, CISA strongly encourages Azure Cosmos DB customers to roll and regenerate their certificate keys and to review Microsoft’s guidance on how to secure access to data in Azure Cosmos DB,” CISA wrote in an alert Friday.

Microsoft reported in a blog post Friday that it contacted customers who had the vulnerable Azure Cosmos feature activated during the period in which the researchers tracked the vulnerability. There is no evidence of outsiders accessing any customer data, the company said.


But researchers at Wiz say the vulnerability has been exploitable for roughly two years, which means that many more customers could have been exposed.

“Every Cosmos DB customer should assume they’ve been exposed,” Wiz researchers wrote.

This is the second time this month that CISA has alerted users to an urgent Microsoft vulnerability.

CISA on August 21 issued an urgent warning that cybercriminals were actively exploiting a months-old vulnerability in Microsoft ProxyShell to attack company servers and send ransomware.

Written by Tonya Riley

Tonya Riley covers privacy, surveillance and cryptocurrency for CyberScoop News. She previously wrote the Cybersecurity 202 newsletter for The Washington Post and before that worked as a fellow at Mother Jones magazine. Her work has appeared in Wired, CNBC, Esquire and other outlets. She received a BA in history from Brown University. You can reach Tonya with sensitive tips on Signal at 202-643-0931. PR pitches to Signal will be ignored and should be sent via email.
