Microsoft Releases Patches to Address Azure FabricScape Flaw Affecting Linux Workloads
Microsoft has patched a critical in Azure Service Fabric dubbed “FabricScape” that affects containerized workloads on Linux. The software giant urges customers to upgrade their clusters as soon as possible to prevent successful exploits.
Azure Service Fabric is basically a distributed systems platform that allows developers to build and host microservices-based cloud apps. It powers several Microsoft services, including Microsoft Intune, Skype for Business, Cortana, Dynamics 365, Azure Event Hubs, Azure SQL Database, Azure Cosmos DB, and Azure Data Factory.
Cybersecurity researchers from Palo Alto Networks first disclosed the security vulnerability (CVE-2022-30137) in January this year. The flaw enables threat actors to perform a privilege escalation attack on the host Service Fabric node and potentially take over the entire cluster.
Microsoft noted that attackers will need Runtime access to the container to exploit this vulnerability, which is unfortunately granted by default. The company has also detailed the steps that can be taken for a successful attack, and you can check out the security advisory for technical details.
The Redmond giant confirmed that the bug is present in both Windows and Linux, but the problem only affects Linux containers. “Though the bug exists on both Operating System (OS) platforms, it is only exploitable on Linux; Windows has been thoroughly vetted and found not to be vulnerable to this attack,” the company explained.
Update Azure Service Fabric clusters
Microsoft released security patches to address the FabricScape vulnerability on June 14. The company says that customers with automatic updates enabled should have already received the fix. Meanwhile, Microsoft has also sent notifications about the issue via Azure Service Health to all customers who don’t use the auto-update mechanism.
As of this writing, there is no evidence that attackers have successfully exploited the security flaw. However, it is still recommended to patch Azure Service Fabric clusters and follow Microsoft’s best practices.
“While we’re not aware of any attacks in the wild that have successfully exploited this vulnerability, we want to urge organizations to take immediate action to identify whether their environments are vulnerable and quickly implement patches if they are,” said Palo Alto Networks.
More in Security
How to Enable Windows 11 Config Lock on Secured-Core PCs
Dec 2, 2022 | Dean Ellerby
Microsoft Defender Vulnerability Management Now Supports Firmware Assessments
Nov 29, 2022 | Rabia Noureen
Microsoft Entra Workload Identities Service is Now Generally Available
Nov 29, 2022 | Rabia Noureen
Microsoft Authenticator to Enable Number Matching Security Feature by Default in February 2023
Nov 21, 2022 | Rabia Noureen
Microsoft Defender for Endpoint Adds Network Protection on iOS and Android
Nov 11, 2022 | Rabia Noureen
What is a Software-Defined Perimeter?￼
Nov 11, 2022 | Sukesh Mudrakola
Most popular on petri