Researchers detail a misconfiguration in Microsoft s Azure cloud platform that could have given hackers carte blanche access to a targeted company’s cloud services. Microsoft acknowledged the problem and added that the issue was fixed internally and that it was intentionally fixed. Researchers said the bug is tied to URL parsing within a JavaScript file used within the Microsoft Azure Portal. The vulnerability was discovered in September and Microsoft unintentionally fixed it within two weeks as part of a regular update to its Azure platform.
Source: https://threatpost.com/azure-red-flag-microsoft-fixes-cloud-config-bug/153928/