• about reply
WM Reply Logo
Menu
  • About Us
    About Us
    • Newsroom
    • Case Studies
    • Events
    • News & Communications
    • About Us
  • Services
  • SOLUTIONS
    SOLUTIONS
    • Productivity & Collaboration
    • SharePoint Intranets
    • Enterprise Social Networks
    • Digital Workplaces
    • The Accelerator by WM reply
    • Core Technologies
    • SharePoint
    • Power Platform
    • Microsoft Teams
    • Office 365
    • Microsoft FastTrack
    • Microsoft Exchange
    • Yammer
    • Nintex Workflows
    • Microsoft Viva
    • Business Solutions
    • Mobile Applications
    • Document Management
    • Consumer Experience
    • SharePoint Websites Design
    • SharePoint Extranets
  • Careers
  • Contact us
  • about Reply
WM Reply Logo

Search

Focus On

News & Communication

Security experts identify faults in Microsoft Azure

FOCUS ON: Azure, Microsoft,

The cloud-based computing service from Microsoft has been discovered to contain severe security weaknesses.

Leading cyber security specialist Check Point has uncovered two major security issues with Microsoft Azure. The weaknesses identified by security researchers at the firm could potentially be taken advantage of by cyber criminals to obtain access and gather sensitive data stored on any machines that are running Azure. Hackers can also exploit the flaws to take control of Microsoft Azure servers.

Security weakness in Microsoft Azure Stack

A software solution for cloud-based computing, Azure Stack was designed and produced by the tech giant to enable enterprises, from SMEs to international organisations, to employ their own company data centres to deliver users Azure services. The Redmond-based firm created the hybrid solution in order to give companies the capacity to start utilising cloud computing services on their own personalised terms, while empowering them to address both technical and business considerations effectively.

The first Azure security defect was identified in the Azure Stack solution. If exploited, the weakness would allow a hacker to acquire access to a variety of sensitive data, including user screenshots from machines using Azure.

Check Point’s specialist researchers were able to obtain sensitive information and take screenshots from both infrastructure machines and Azure tenants by capitalising on the security weakness. For the cybercriminal to take full advantage of the defect, however, they would need to acquire authorised access from the Azure Stack Portal first. With this level of access, the hackers would then be enabled to send out counterfeit HTTP requests.

Security flaw in the Microsoft Azure App

Developed by Microsoft to empower users with the ability to host and build back-ends for mobile, RESTful APIs and web apps in their chosen programming language without needing managing infrastructure. The Platform as a Service (PaaS) from Microsoft is fully managed and integrates Azure websites along with other offered services into on single service while including new capabilities to allow integration with cloud systems or on-premises.

The flaw identified by researchers over at Check Point in the Azure App revealed that a hacker could use the weakness to take total control of a whole Azure server. The cybercriminal would in effect then possess complete control of an organisation’s business code.

Check Point experts were able to show evidence that a cybercriminal could compromise Azure tenant data, accounts and application. The hacker would set up a free user account within the Azure Cloud, utilising it to run malicious operations in Azure. The specialist security firm revealed its findings to Microsoft who then collaborated with it on fixing the discovered Azure vulnerabilities. Complete patches for the security defect in Azure Stack and Azure app were both made available to prevent exploitation by hackers.

If your company uses Microsoft technology to its advantage, you can rely on our team for advice and support. Experts on business solutions from Microsoft, we’ll ensure your intranet is always running smoothly and securely with the very latest services available. Contact us here at WM Reply for streamlined support in your corner.

RELATED CONTENTS

09.07.2021

News & Communication

WM Reply Recognized as a Finalist of the 2021 Microsoft Employee Experience Partner of the Year Award

WM Reply today announced it has been named a finalist of the Employee Experience 2021 Microsoft Partner of the Year Award.

02.03.2021 - 04.03.2021 / Live Event

Event

Microsoft Ignite

Microsoft Partners Cluster Reply, Solidsoft Reply, Valorem Reply and WM Reply, are participating in "Microsoft Ignite" with a single virtual stand where participants can discover all the latest on Microsoft solutions.

20.10.2020 / MICROSOFT

News & Communication

Microsoft announces milestone in digital learning

Tech giant Microsoft has revealed that over 500,000 UK residents have increased their skillset with new digital abilities over the last three months, using free online study courses.

 
 
 ​
 
Reply ©​​ 2023 - Company Information -
 PrivacyCookie Settings​
  • Abou​t Reply​​
  • Investors​​​
  • Newsroom
  • Follow Reply on
​
  • ​About WM Reply
  • Privacy & Cookies Policy
  • Information (Client)
  • Information (Supplier)
  • Information (Candidate)