How Prancer Protects Azure VMs from Critical “OMIGOD” Vulnerabilities
1. How Prancer protects Azure VMs from critical “OMIGOD” vulnerabilities
Wiz.io, a security research firm, recently found four vulnerabilities in Microsoft’s Open
Management Infrastructure (OMI) framework. Attackers could exploit these OMI vulnerabilities
remotely to gain root access on Linux servers running on the Azure cloud and take control of
the system.
Vulnerable servers came under attack by botnets exploiting a flaw in the Open Management
Infrastructure (OMI) agent. Because of its severity, the vulnerability, termed “OMIGOD”, was
quickly exploited, resulting in many malicious cyberattacks on computers worldwide, including
denial-of-service attacks, until they could be patched.
Since then, Microsoft has released updates for its customers to mitigate this issue. However,
the lack of secure Network Security Group policies on Linux systems, which left OMI ports
TCP 5985-5986 and 1270 exposed to the internet, allowed remote code execution and privilege
escalation on the Azure Linux servers.
This emphasizes the importance of policy-based preventive and detective cloud controls.
Prancer’s open policy-based rules engine and static code analyzer continuously validate
network security policies at deployment time and at run time to protect its customers from
OMIGOD and other vulnerabilities.
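The detective check described above can be expressed directly over an NSG's `securityRules`. The following Python is an added example, not Prancer's own policy code and not part of the original page; it assumes the ARM resource shape for NSG rules, and the sample rules and their names are constructed.

```python
"""Added example: find NSG rules that leave OMI ports open to the internet."""
OMI_PORTS = (5985, 5986, 1270)  # ports named in the text above
INTERNET = {"*", "internet", "0.0.0.0/0"}  # internet-wide source prefixes

def _port_in(spec, port):
    """True if an NSG port spec ('*', '5986', '5000-6000') covers port."""
    if spec.strip() == "*":
        return True
    low, _, high = spec.strip().partition("-")
    return int(low) <= port <= int(high or low)

def _values(props, single, plural):
    """A rule carries a single value or a list of them; return one list."""
    return list(props.get(plural) or []) + ([props[single]] if props.get(single) else [])

def exposed_omi_ports(nsg):
    """Return {port: rule name} for OMI ports reachable from the internet."""
    rules = []
    for rule in nsg.get("properties", {}).get("securityRules", []):
        p = rule["properties"]
        sources = _values(p, "sourceAddressPrefix", "sourceAddressPrefixes")
        if (p["direction"].lower() == "inbound" and p["protocol"].lower() in ("tcp", "*")
                and any(s.lower() in INTERNET for s in sources)):
            rules.append((p["priority"], rule["name"], p))
    findings = {}
    for port in OMI_PORTS:
        # Lowest priority number is evaluated first; the first match decides.
        for _, name, p in sorted(rules, key=lambda r: r[0]):
            ports = _values(p, "destinationPortRange", "destinationPortRanges")
            if any(_port_in(s, port) for s in ports):
                if p["access"].lower() == "allow":
                    findings[port] = name
                break
    return findings

def _rule(name, priority, access, source, ports):
    """Build one constructed sample rule in the ARM securityRules shape."""
    return {"name": name, "properties": {
        "priority": priority, "direction": "Inbound", "access": access,
        "protocol": "Tcp", "sourceAddressPrefix": source, "destinationPortRange": ports}}

# Constructed sample NSG; rule names and priorities are made up.
SAMPLE_NSG = {"properties": {"securityRules": [
    _rule("deny-winrm-http", 100, "Deny", "*", "5985"),
    _rule("allow-mgmt", 200, "Allow", "Internet", "5000-6000"),
    _rule("allow-scom", 300, "Allow", "10.0.0.0/8", "1270")]}}

print(exposed_omi_ports(SAMPLE_NSG))
```

The check only considers rules whose source is the whole internet, so an Allow rule scoped to a narrower public range is not reported, and it evaluates a single NSG rather than the combined effect of subnet-level and NIC-level groups.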
2. The Prancer Platform Compliance database includes the vulnerability check for OMI ports for all the
clouds. You can review our Cloud Compliance policies at
https://github.com/prancer-io/prancer-compliance-test