Share this article
Latest news
With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low
Copilot in Outlook will generate personalized themes for you to customize the app
Microsoft will raise the price of its 365 Suite to include AI capabilities
Death Stranding Director’s Cut is now Xbox X|S at a huge discount
Outlook will let users create custom account icons so they can tell their accounts apart easier
A new Azure Pipelines security issue has been found, Microsoft urges customers to update
The patch is already available and most customers should be safe
2 min. read
Published onJanuary 31, 2024
published onJanuary 31, 2024
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more
A new security flaw was found by security researchers that affects Azure Pipelines which can affect up to 70,000 open-source projects.
What do we know about this security flaw and how dangerous it is? Keep on reading if you want to learn more.
A new security flaw lets hackers run code in a live environment
According to researchers at Legit Security, there’s a flaw in Azure Pipelines. Using this flaw, the hackers can inject malicious code into source code and other projects that are hosted in a testing environment.
According to the reports, the vulnerability is triggered after submitting a contribution or editing a build system project that resides on Azure Pipelines.
The code that is tested in Azure Pipelines usually runs in a safe environment, but hackers have found a way to run the test code in the live environment, allowing it to access sensitive information and data.
According to research, the most vulnerable are the repositories that are using a trigger in Azure Pipelines.
With this exploit hackers can obtain elevated access to the organization’s network; however, this doesn’t make them able to execute an attack, according to Microsoft.
Microsoft released a patch in October and all customers that are up to date should be protected from this exploit. The company is vigilant when it comes to security, and they alsopatched CVE-2024-0519 vulnerability in Edgerecently.
While this exploit is dangerous, as long as you’re up to date, you should be safe since Microsoft has acknowledged and fixed the problem. In case you don’t have automatic updates enabled, go ahead and download the update manually.
More about the topics:Cybersecurity,Microsoft Azure
Milan Stanojevic
Windows Toubleshooting Expert
Milan has been enthusiastic about technology ever since his childhood days, and this led him to take interest in all PC-related technologies. He’s a PC enthusiast and he spends most of his time learning about computers and technology.
Before joining WindowsReport, he worked as a front-end web developer. Now, he’s one of the Troubleshooting experts in our worldwide team, specializing in Windows errors & software issues.
User forum
0 messages
Sort by:LatestOldestMost Votes
Comment*
Name*
Email*
Commenting as.Not you?
Save information for future comments
Comment
Δ
Milan Stanojevic
Windows Toubleshooting Expert
Before joining WindowsReport, he worked as a front-end web developer. Now, he’s specialized in Windows errors & software issues.
