Microsoft Cloud Databases Vulnerable for Years, Firm Says (1)

A vulnerability in Microsoft Inc.’s cloud database system left data at thousands of clients exposed to potential cyberattacks for about two years, according to the Israeli cybersecurity firm that discovered the bug.

More than 3,300 of the software giant’s customers were exposed to a flaw in its Azure Cosmos DB database product that could have granted a malicious actor access keys to steal, edit or delete sensitive data, according to researchers at the Tel Aviv-based Wiz.io. Wiz’s co-founder and Chief Technology Officer Ami Luttwak says his team of researchers discovered the vulnerability on Aug. 9 while managing security ...