Azure users running Linux VMs should update their systems right away

Cloud Security
(Image credit: laymanzoom / Shutterstock)

Four zero-day vulnerabilities in an open source piece of software that’s embedded in many popular Azure services can be exploited for privilege escalation and remote code execution attacks, report cybersecurity researchers. 

The vulnerabilities in the software agent named Open Management Infrastructure (OMI) were discovered by researchers at Wiz, who estimate that they affect thousands of Azure customers, across millions of endpoints. 

The OMI agent is automatically deployed inside Linux virtual machines (VM) when users enable certain Azure services, the researchers point out.

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

“One of the biggest challenges in preventing [cyberattacks] is that our digital supply chain is not transparent. If you don’t know what’s hidden in the services and products you use every day, how can you manage the risk?” argue the researchers.

Software supply chain blind spot

The vulnerabilities affect Azure customers on Linux machines, which, according to some estimates, make up a sizable number of all Azure instances. 

These users put their VMs at risk when they use certain Azure services such as Azure Automation, Azure Automatic Update, Azure Log Analytics, Azure Configuration Management, and others.

In fact, Wiz researchers note that analyzing a small sample of Azure tenants revealed that over 65% were at risk of the vulnerabilities, colourfully named “OMIGOD” which was the researchers first reaction when they discovered them. 

“In addition to Azure cloud customers, other Microsoft customers are affected since OMI can be independently installed on any Linux machine and is frequently used on-premise,” the researchers add.

The good news is that Microsoft has shipped fixes for the issues as part of the September Patch Tuesday bundle, and Wiz urges all Azure users to ensure they are running patched versions of the OMI.

TOPICS
Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Read more
A person at a laptop with a cybersecure lock symbol floating above it.
Hackers are still using old Ivanti bugs to break into networks
Representational image depecting cybersecurity protection
Hackers are breaking SonicWall products to target business networks
A person holding a virtual cloud in the palm of their hand.
Amazon EC2 instances could be under fire from whoAMI technique giving hackers code execution access
The best free firewall
Microsoft fixes Power Pages security flaw, tells users to be on their guard
Flag of the People&#039;s Republic of China overlaid with a technological network of wires and circuits.
One of the biggest flaws exploited by Salt Typhoon hackers has had a patch available for years
Representational image depecting cybersecurity protection
Ivanti reveals major security update, so make sure you're protected
Latest in Pro
Cybersecurity
Why OT security needs exposure management to break the cycle of endless patching
Employees sat around together discussing business issues.
AI deregulation: what smart leaders do when the rules go off the rails
Branch office chairs next to a TechRadar-branded badge that reads Big Savings.
This office chair deal wins the Amazon Spring Sale for me and it's so good I don't expect it to last
Saily eSIM by Nord Security
"Much more than just an eSIM service" - I spoke to the CEO of Saily about the future of travel and its impact on secure eSIM technology
NetSuite EVP Evan Goldberg at SuiteConnect London 2025
"It's our job to deliver constant innovation” - NetSuite head on why it wants to be the operating system for your whole business
FlexiSpot office furniture next to a TechRadar-branded badge that reads Big Savings.
Upgrade your home office for under $500 in the Amazon Spring Sale: My top picks and biggest savings
Latest in News
DeepSeek
Deepseek’s new AI is smarter, faster, cheaper, and a real rival to OpenAI's models
Open AI
OpenAI unveiled image generation for 4o – here's everything you need to know about the ChatGPT upgrade
Apple WWDC 2025 announced
Apple just announced WWDC 2025 starts on June 9, and we'll all be watching the opening event
Hornet swings their weapon in mid air
Hollow Knight: Silksong gets new Steam metadata changes, convincing everyone and their mother that the game is finally releasing this year
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
An aerial view of an Instavolt Superhub for charging electric vehicles
Forget gas stations – EV charging Superhubs are using solar power to solve the most annoying thing about electric motoring