Researchers Spot a Major Security Issue in Microsoft Azure: Here’s What We Know

Microsoft’s Azure cloud platform has a high-severity security vulnerability that can cause victim organizations to unknowingly run malware on their endpoints, experts warned.

Vectra researchers highlighted the issue in a recent blog post, noting that the vulnerability resides in Azure Logs, a tool that, ironically, is used to track malicious activity in a cloud environment (among other things). An Azure administrator would only read, not edit, some of the user's data, such as user IDs, email addresses, message subjects, and more.

By injecting malicious data into the logs, the applications processing it could be tricked into executing malware, the researchers claim.

“For example, a fake email address containing an XSS (Cross-Site Scripting) payload can also be submitted on an account registration form,” the study says. “And the application administrator who opens this log in a browser would possibly fall victim to an XSS attack.”

But there’s another way to place malware on users’ devices: CSV injection. Because Azure logs can be downloaded as a comma-separated values (CSV) file, it’s conceivable that the log contains an Excel formula that the program executes when the log is opened. Some formulas (you guessed it) can be outright malicious, forcing the execution of operating system commands and other exploits. “This can be detrimental not only because arbitrary commands can be executed, but also because users regularly fail to realize this, thinking that CSV records are simply plain text records that cannot cause any harm,” the report says.
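For teams that build their own log viewers or CSV exports, the two risks described above (a log field rendered in a browser, and a log field opened as a spreadsheet cell) can be handled at output time. The following is an added example, not code from Vectra, Microsoft or Azure; the function names and the sample rows are constructed for illustration, and the apostrophe prefix is one common mitigation for formula-leading cells.

```python
import csv
import html
import io

# Leading characters that spreadsheet programs treat as the start of a formula.
FORMULA_PREFIXES = ("=", "+", "-", "@", "\t", "\r")

def neutralize_cell(value):
    """Return value as text that a spreadsheet will not evaluate as a formula."""
    text = "" if value is None else str(value)
    if text.startswith(FORMULA_PREFIXES):
        return "'" + text  # leading apostrophe forces the cell to plain text
    return text

def export_log_csv(rows, fieldnames):
    """Serialize log rows to CSV with every field neutralized and quoted."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=fieldnames, quoting=csv.QUOTE_ALL)
    writer.writeheader()
    for row in rows:
        writer.writerow({k: neutralize_cell(row.get(k)) for k in fieldnames})
    return buf.getvalue()

def render_log_field(value):
    """HTML-escape a log field before placing it in a log viewer page."""
    return html.escape("" if value is None else str(value), quote=True)

def flag_suspicious(rows, fieldnames):
    """Return (row_index, field) pairs whose stored value needs review."""
    hits = []
    for i, row in enumerate(rows):
        for k in fieldnames:
            v = str(row.get(k, ""))
            if v.lstrip().startswith(FORMULA_PREFIXES[:4]) or "<" in v:
                hits.append((i, k))
    return hits

# Constructed sample log rows (not real Azure log data); payloads are benign.
SAMPLE_ROWS = [
    {"user_id": "1001", "email": "alice@example.com", "subject": "Welcome"},
    {"user_id": "1002", "email": "=1+1", "subject": "-2+3"},
    {"user_id": "1003", "email": "<b>x</b>@example.com", "subject": "Hi"},
]
FIELDS = ["user_id", "email", "subject"]

if __name__ == "__main__":
    print(export_log_csv(SAMPLE_ROWS, FIELDS))
    print(render_log_field(SAMPLE_ROWS[2]["email"]))
    print(flag_suspicious(SAMPLE_ROWS, FIELDS))
```

The prefix check also catches legitimate values that begin with a minus or plus sign, so numeric columns that must stay numeric need their own validation rather than this blanket rule.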

These vulnerabilities can be exploited without authentication, the researchers concluded, suggesting that the attackers don’t need to have an account in the cloud environment.

The good news is that the vulnerability doesn’t work on fully patched Excel instances, so make sure yours is up to date.

Sead is a veteran freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, legislation, and regulations). Over the course of his career, which spans more than a decade, he has written for media outlets, including Al Jazeera Balkans. He has also facilitated several modules on content writing for Represent Communications.
