A couple days ago, it was reported that a security flaw had been found in Microsoft’s cloud service. Now however, it has been revealed that Microsoft has fixed the vulnerability in its cloud computing service. This will provide relief from the warning that the flaw could have been used by hackers to take over a major cloud-computing database product by the company, that is mainly used by industry giants.
On Friday, the company also said that it doesn’t have reason to believe that there had been any exploit of the potential data back door by hackers or malicious actors. Neither is there any evidence of customer data being compromised.
Unprecedented Critical Vulnerability
The “unprecedented critical vulnerability” had first been identified by Wiz, a cybersecurity firm led by former Microsoft employees, in early August, following which, the tech biggie had been notified promptly.
Had it been exploited, the flaw could have affected the operations of thousands of companies, including many of which belong to the prestigious Fortune 500 list, as per a revelation by Wiz. However, Microsoft on Friday said that the flaw had affected only a small subset of the product’s large user base.
Prior to the latest flaw being found out, Microsoft had in March become the victim of a hack on its Exchange mail servers, which had been blamed on spies from China. Apart from that, thee company’s code had apparently been used to keep tabs on the email history of US officials, an incident that had been said to be connected with Russian intel agents, and associated with software firm SolarWinds.
Rising Concerns And Pledged Investments
Even though there is no evidence of the flaw having had any major effect on customer security, it did work to raise major concerns about the safety of cloud services, especially in the face of the increasing interest being shown by governments and businesses alike, in the same.
This growing concern seems to also have resulted in the White House calling a cybersecurity summit on Thursday, following which, Microsoft pledged $20 billion in cyber security in the next five years, along with $150 million towards technical services designed to help governments amp up their defense systems. This comes even as federal lawmakers had called for Microsoft to upgrade its security, earlier this year. The catch here (for the company anyway) is that it will have to stop fleecing taxpayers.
Source: Associated Press
