Security News > 2021 > September > Microsoft fixes critical bugs in secretly installed Azure Linux app
Microsoft has addressed four critical vulnerabilities collectively known as OMIGOD, found in the Open Management Infrastructure software agent silently installed on Azure Linux machines accounting for more than half of Azure instances.
OMI is a software service for IT management with support for most UNIX systems and modern Linux platforms, used by multiple Azure services, including Open Management Suite, Azure Insights, Azure Automation.
These vulnerabilities were found by cloud security firm Wiz researchers Nir Ohfeld and Shir Tamari, who dubbed them OMIGOD. "Problematically, this 'secret' agent is both widely used and completely invisible to customers as its usage within Azure is completely undocumented," Ohfeld said.
Other Microsoft customers are also impacted by the OMIGOD flaws, given that the OMI agent can also be manually installed on-premise as it is built in the System Center for Linux, which is Microsoft's server management tool.
"Microsoft released a patched OMI version. In addition, Microsoft advised customers to manually OMI, see the suggested steps by Microsoft here," Wiz security researcher Nir Ohfeld said.
To make things worse, there is no auto-update mechanism Microsoft can use to update the vulnerable agents on all Azure Linux machines, which means that customers have to upgrade it manually to secure endpoints from any incoming attacks using OMIGOD exploits.