Azure Linux administrators, it’s time to get patching. In response to the recent OMIGOD vulnerabilities, Microsoft has released an updated version of OMI, but you’ll need to upgrade on your own (via BleepingComputer). Here’s the full scoop.
OMIGOD vulnerabilities are named after OMI, an acronym that stands for the Open Management Infrastructure software agent. The OMIGOD vulnerabilities found in OMI have opened the door for RCE (Remote Code Execution) attacks from malicious parties. And if you’re an Azure user operating on a Linux setup with a service such as Azure Diagnostics or Azure Automation enabled, that means you have OMI on your Virtual Machine.
Microsoft, aware of the issues, has released an updated version of OMI that hopes to fix the aforementioned problems. Here’s the wrinkle: It can’t auto-update vulnerable extensions for the customer. They’ll need to do that themselves.
“Customers must update vulnerable extensions for their Cloud and On-Premises deployments as the updates become available per schedule outlined in table below,” Microsoft said in its blog post on the subject. You can read the post for expanded details and the full scoop on how Azure Linux users are affected.
As spotted by The Register, security experts appear to be displeased with the current situation.
For those of you who have read this far and still aren’t sure how this all pertains to your personal computing activities, feel free to disregard everything here and focus on other Microsoft news, such as the impending launch of Windows 11.
We may earn a commission for purchases using our links. Learn more.