Security
Headlines
HeadlinesLatestCVEs

Tag

#Azure OMI

CVE-2022-29149: Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability

**What are some of the services affected by this vulnerability?** The following table lists some of the affected services, and the changes associated with the remedy for this vulnerability: Affected Product New Version Number Customer action required DSC Patch for Version 3: 3.0.0.7 and Patch for Version 2: 2.71.1.33 No Customer Action required; these are auto updated for all customers. SCOM For 2016: 7.6.1108.0; for 2019: 10.19.1152.0; and for 2022: 10.22.1024.0 Customers need to update MPs 2016, 2019, and 2022. OMS 1.14.13 There are 2 ways to install OMS Agent: Bundle or through VM Extension. Using a Bundle Link and for VM Extensions, through Azure Powershell CMDlets or Azure CLI. ASC 1.14.13 Update via VM extension. Container Monitoring Solution Image tag: microsoft-oms-latest with full ID: sha256:6131e66cdf7bd07f9db3bbb17902ea8695a2f2bda0cf72ff16170aaf93b56f3b See How to Upgrade OMS Docker for details on how to check your current image ID and to upgrade OMS-docke...

Microsoft Security Response Center
#vulnerability#web#microsoft#docker#Azure OMI#Security Vulnerability
Microsoft Patch Tuesday, September 2021 Edition

Microsoft today pushed software updates to plug dozens of security holes in Windows and related products, including a vulnerability that is already being exploited in active attacks. Also, Apple has issued an emergency update to fix a flaw that's reportedly been abused to install spyware on iOS products, and Google's got a new version of Chrome that tackles two zero-day flaws. Finally, Adobe has released critical security updates for Acrobat, Reader and a slew of other software.