urlscan.io logo urlscan.io
SecurityTrails logo

www.itnews.com.au Open in urlscan Pro
203.176.102.69  Public Scan

Back to summary
URL: https://www.itnews.com.au/news/azure-cli-credential-leak-part-of-microsofts-monthly-patch-rollup-602356
Submission: On November 15 via api from TR — Scanned from AU

Form analysis 1 forms found in the DOM

POST /news/azure-cli-credential-leak-part-of-microsofts-monthly-patch-rollup-602356

<form id="frm-login" action="/news/azure-cli-credential-leak-part-of-microsofts-monthly-patch-rollup-602356" method="post">
  <h3 class="section-header"><span>Log In</span></h3>
  <div id="login-form-register"><a href="/register">Don't have an account? Register now!</a></div>
  <div id="login-validation"></div>
  <div id="login-response"></div>
  <div class="form-label email-login">Email:</div>
  <div class="form-input"><input id="username" name="username" type="text" required=""></div>
  <div class="form-label password-login">Password:</div>
  <div class="form-input"><input id="password" name="password" type="password" required=""></div>
  <div class="row form-checkbox">
    <input id="rememberMe" name="rememberMe" type="checkbox"><label for="rememberMe">Remember me</label><span>&nbsp; | &nbsp;<a href="/forgot" title="Forgot your password?">Forgot your password?</a></span>
  </div>
</form>

Text Content

Latest News


CHELSEA MANNING: TECH MORE EFFICIENT THAN LAWS TO ENSURE PRIVACY


EPA VICTORIA HUNTS FOR NEW CISO


AZURE CLI CREDENTIAL LEAK PART OF MICROSOFT'S MONTHLY PATCH ROLLUP


GOV TO CREATE SAFE HARBOUR FOR COMPANIES UNDER CYBER ATTACK


SYDNEY METRO SEEKS PERMANENT CIO

 * Australia Edition

 * Asia Edition



LOG IN SUBSCRIBE  
Search
BUSINESS CLOUD DATA CENTRE
EDUCATION FINANCE HARDWARE
HEALTHCARE INDUSTRIAL NETWORKING
PROJECTS SOFTWARE STORAGE
STRATEGY TECHNOLOGY TELCO/ISP
State of Security State of Sustainability State of IT
Focal Points MEDIA HUB PARTNER CONTENT PARTNER HUBS RESEARCH
 * NEWS
 * GOVERNMENT
 * SECURITY
 * REPORTS
 * RESOURCES
 * PODCAST
 * BENCHMARKS

NEWS

BUSINESS CLOUD DATA CENTRE EDUCATION FINANCE HARDWARE HEALTHCARE INDUSTRIAL
NETWORKING PROJECTS SOFTWARE STORAGE STRATEGY TECHNOLOGY TELCO/ISP
GOVERNMENT SECURITY REPORTS

State of Security State of Sustainability State of IT
RESOURCES

Focal Points MEDIA HUB PARTNER CONTENT PARTNER HUBS RESEARCH
PODCAST BENCHMARKS
Australia Edition

Asia Edition



LOG IN

Email:

Password:

Remember me |  Forgot password?



Don't have an account? Register now!
 * Home
 * News
 * Technology
 * Security


AZURE CLI CREDENTIAL LEAK PART OF MICROSOFT'S MONTHLY PATCH ROLLUP

By Richard Chirgwin

Nov 15 2023 11:47AM



SEVERAL BUGS ALREADY EXPLOITED.

Microsoft’s regular patch day includes patches for zero-days and bugs already
under exploitation, along with three vulnerabilities rated critical.



One of the critical vulnerabilities, CVE-2023-36052, is important enough to
receive a detailed technical discussion in this blog post. 

The bug leaks credentials to GitHub Actions logs through the Azure command-line
interface (CLI).



Aviad Hahami of Palo Alto’s Prisma Cloud found that Azure CLI commands could be
used to show sensitive data and output to continuous integration and continuous
deployment (CI/CD) logs, Microsoft explained.

As well as making changes to “Azure Pipelines, GitHub Actions, and Azure CLI” to
improve secret redaction, Microsoft gives customer guidance to help avoid
revealing secrets through the CLI.



The other two critical vulnerabilities are CVE-2023-36400 and CVE-2023-36397.

CVE-2023-36400 gives an attacker privilege escalation via Windows hash-based
message authentication code (HMAC) key derivation, available to an attacker
already logged into the system.

“A successful attack could be performed from a low privilege Hyper-V guest. The
attacker could traverse the guest's security boundary to execute code on the
Hyper-V host execution environment,” Microsoft said.

This would give the attacker SYSTEM privileges.

CVE-2023-36397 is a remote code execution (RCE) vulnerability if Pragmatic
General Multicast (PGM) server is running a message queuing service.



“An attacker could send a specially crafted file over the network to achieve
remote code execution and attempt to trigger malicious code,” Microsoft’s
advisory stated.

The exploited vulnerabilities include CVE-2023-36036, CVE-2023-36025, and
CVE-2023-36033.

CVE-2023-36033, an elevation of privilege vulnerability in the Windows desktop
window manager (DWM) core library, only has a CVSS score of 7.8, but was
disclosed prior to this patch, and has been exploited to give attackers SYSTEM
privileges.

CVE-2023-36036 is a bug in the Windows Cloud mini filter driver, once again
exploited to escalate an attacker to SYSTEM privileges.

CVE-2023-36025 is a security bypass bug in Windows Smart Screen, exploited if an
attacker can get a victim to click on a crafted URL, or a link pointing to an
Internet shortcut file.

As the SANS Institute’s Johannes Ullrich explains in his Patch Tuesday rollup,
Microsoft has also shipped patches for the third-party Kubernetes, FRRouting,
Traceroute and PyYAML packages used in its Mariner Linux distribution.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © iTnews.com.au . All rights reserved.
Tags:
azuremicrosoftpatch tuesdaysecurity



RELATED ARTICLES

 * Chelsea Manning: Tech more efficient than laws to ensure privacy
 * EPA Victoria hunts for new CISO
 * Gov to create safe harbour for companies under cyber attack
 * FBI struggled to disrupt dangerous casino hacking gang


PARTNER CONTENT


As transformation accelerates, sustainability has never been more important

State of Security 2023

Partner Content Securing your endpoints is critical for defence in depth

Promoted Content Securing the Smart Devices across Asia Pacific’s Cloud
Platforms


SPONSORED WHITEPAPERS


How Mainframe Modernization Begins with Application Modernization

Insights Driven by Data. Verify, and keep verifying: Cybersecurity in a
zero-trust world

The Healthcare CISO’s Guide to Medical IoT Security

The Enterprise Buyer's Guide to IoT Security. 5 Must-Haves for Comprehensive
Zero Trust IoT Security

How to reach the ‘Holy Grail’ of security and performance with SASE





MOST READ ARTICLES


AUSTRALIAN PORTS OPERATOR SUFFERS 'CYBER SECURITY INCIDENT'


GOVERNMENT LOOKS AT PASSWORDLESS ACCESS FOR MYGOV


CONFLUENCE VULNERABILITIES UNDER ACTIVE RANSOMWARE EXPLOITATION


TELCOS TO BE ADDED TO SOCI REGIME


Please enable JavaScript to view the comments powered by Disqus.


DIGITAL NATION


Health tech startup Kismet raises $4m in pre-seed funding

State of Security 2023

More than half of loyalty members concerned about their data

How eBay uses interaction analytics to improve CX

COVER STORY: What AI regulation might look like in Australia


Sponsored Links
 * Rittal All-in-one Micro Data Centre Solutions for all on-premise applications
   – Rack, Power, Cooling, Security & Monitoring.


MOST POPULAR TECH STORIES

 *  
   
   
   STATE OF SECURITY 2023
   
   
   COVER STORY: SUSTAINABILITY AND AI, A PROMISING PARTNERSHIP OR AN
   ENVIRONMENTAL GREY AREA?
   
   
   FYAI: WHAT IS AN AI HALLUCINATION AND HOW DOES IT IMPACT BUSINESS LEADERS?
   
   
   CASE STUDY: WARREN AND MAHONEY ADOPTS DIGITAL TOOLS TO REDUCE ITS CARBON
   FOOTPRINT
   
   
   CRICKET AUSTRALIA AUTOMATES EXPERIENCES FOR FANS AND PLAYERS

 *  
   
   
   OPTUS NETWORK OUTAGE CUTS OFF MILLIONS OF AUSTRALIANS
   
   
   APRA WARNS FINANCE SECTOR ON CYBERSECURITY NON-COMPLIANCE
   
   
   GOVERNMENT SAYS PORTS OPERATOR DP WORLD CYBER INCIDENT "SERIOUS"
   
   
   THE 2023 CRN FAST50 COMPANIES: SEE THE LIST
   
   
   OPTUS OUTAGE CAUSES CHAOS IN AUSTRALIA BEFORE SERVICES RESTORED

 *  
   
   
   RIGHT TO REPAIR: LARGE SCALE IT BUYERS CAN INFLUENCE PRODUCT DESIGN... AND
   THEY SHOULD
   
   
   SHIVERING IN SUMMER? SWEATING IN WINTER? YOUR BUILDING IS LIVING A LIE
   
   
   BUILDING A MODERN WORKPLACE FOR A REMOTE WORKFORCE
   
   
   VENOM BLACKBOOK ZERO 15 PHANTOM
   
   
   HOW LONG WILL A UPS KEEP YOUR COMPUTERS ON IF THE LIGHTS GO OUT?

 *  
   
   
   WHEN MINUTES SAVE LIVES: IOT DELIVERS EARLIER FLOOD WARNINGS
   
   
   SAMSUNG, WHIRLPOOL BANK ON SMART FRIDGE RENAISSANCE
   
   
   ANNOUNCING THE 2022-23 IOT AWARDS FINALISTS
   
   
   QUINBROOK ANNOUNCES PLATFORM FOR REAL-TIME TRACKING AND REPORTING OF
   RENEWABLE ENERGY CONSUMPTION
   
   
   ORANGE BUSINESS AND MACHINEMAX PARTNER TO OPTIMISE HEAVY MACHINERY

Contact Us About Us Feedback Advertise Newsletter Archive Site Map RSS
  © 2023 nextmedia Pty Ltd.
OTHER TECH SITES: BIT  |  CRN Australia  |  Digital Nation  |  IoT Hub
All rights reserved. This material may not be published, broadcast, rewritten or
redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy
and Terms & Conditions.
Powered By
Ad will close in 11s




Accept
By using our site you accept that we use and share cookies and similar
technologies to perform analytics and provide content and ads tailored to your
interests. By continuing to use our site, you consent to this. Please see our
Cookie Policy for more information.


 Close


LOG IN

Don't have an account? Register now!


Email:

Password:

Remember me  |  Forgot your password?
Log InCancel