Flaws punched holes in Azure cloud, Apple patches pretty much everything, Eurocops cuff Maltese …

Is ‘The Cloud’ inherently more secure than in-house?…:

Roundup It has been a busy week in infosec, though here’s a few more security news bites to mull over.

Storm clouds approaching Azure

The bug-hunters at Checkpoint have laid claim to the discovery and reporting of two serious, and now patched, security flaws in Microsoft Azure.

According to Checkpoint, the vulnerabilities would have potentially allowed a malicious virtual machine to break out of the Azure hypervisor protections and access the VMs of other tenants. In the wrong hands, the bugs would have had serious consequences.

The vulnerabilities, one designated CVE-2019-1234, and another not given an official number, have long since been patched after being privately disclosed to Microsoft. Still, the full story is an interesting read and a reminder that, just because your servers are hosted remotely they are not free of potentially serious security vulnerabilities.


Original article here