Security News > 2021 > September > OMIGOD, an exploitable hole in Microsoft open source code!

OMIGOD, an exploitable hole in Microsoft open source code!
2021-09-16 18:55

The relevant bug fixes were officially available in the OMI source code back on 12 August 2021, more than a month ago.

Like WMI, the OMI code runs as a priviliged process on your servers so that sysadmins, and system administration software, can query and control what's going on, such as enumerating processes, kicking off utility programs, and checking up on system configuration settings.

Sadly, OMIGOD is an OMI bug that, in theory, offers criminals the same sort of distributed power over your Linux servers.

Of course, with the relevant code patches published more than a month ago, in source code form no less, you might assume that Linux sysadmins who are users of OMI have had plenty of time to patch already.

As Wiz remarks out rather pointedly in its blog post, many Linux-on-Azure users may be unaware that they have OMI, and therefore not even know to look out for security problems with it.

Azure customers on Linux machines - which account for over half of all Azure instances according to Microsoft - are at risk if they use any of the following services / tools: Azure Automation, Azure Automatic Update, Azure Operations Management Suite, Azure Log Analytics, Azure Configuration Management, Azure Diagnostics [and] Azure Container Insights,.


News URL

https://nakedsecurity.sophos.com/2021/09/16/omigod-an-exploitable-hole-in-microsoft-open-source-code/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 480 75 2308 5127 264 7774