Once again, Microsoft has been thrust into the limelight following a breach of confidential data. The incident is said to have occurred as a result of an error made by a research group that was working on artificial intelligence.
Advertisеment
Reports from cybersecurity firm, Wiz, suggest that the breach exposed 38 terabytes of sensitive Microsoft data, including passwords for Microsoft services, private keys, and over 30,000 internal Teams messages sent by more than 350 company employees. The data also contained links to backup copies of employee computers.
The investigation showed that Microsoft developers, when working with GitHub, posted a shared access signature token (shared-access-signature, SAS) in open form in the GitHub repository, and also incorrectly configured access parameters to the working cloud storage of internal data on the Azure platform, providing overly permissive access through this token.
This allowed any user who had access to the token and knew the external network address of the internal cloud storage to gain full control over all data in a specific area of Azure storage owned by two Microsoft employee accounts. A link within this data provided unlimited access to an Azure storage account, which meant that files could be changed, overwritten or deleted by anyone.
It turned out that this data was available from 2020. Wiz notified Microsoft about the problem on June 22, 2023, and two days later the company revoked the SAS token. The company's internal services were unaffected. However, the incident may have allowed attackers to delete, modify, or inject files into systems and internal Microsoft services over an extended period of time within a specific area of Azure storage.
The problem appears to stem from the Shared Access Signature (SAS) token not being configured correctly in Azure. Although the function is designed to limit access to certain files, this particular link allowed unrestricted access to the storage.
Microsoft has conducted a thorough review of its public repositories and found that security systems had detected the publication of the link in time, but it was mistakenly identified as a false positive. The company's engineers are expected to modify system settings to prevent similar issues from occurring in the future.
Support us
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!
Advertisеment
Receiving “MoveFile” error messages that will not allow me to install Winaero Tweaker v1.55 on my Windows 10 Pro laptop. Tried downloads from multiple sites, including this one, and all to no luck or avail. Can someone please help with this, as I really want to use this app to maintain my PC – thanks in advance.
Do not download from other sites. Many shady sites out there unfortunately. I have been running v1.55 on a Windows 10 computer with no problems. I usually use portable ver.
It would be great if we had a hash so we know that the file(s) are not modified.
Okay, I will provide hashes
I just downloaded “Winaero Tweaker” from this site 2 minutes ago, with no problems whatsoever. You could turn down your windows security, or turn it off altogether, just for the download. Sergey is the man to ask.