Month: November 2022

Summary Summary Microsoft is aware and actively addressing the impact associated with the recent OpenSSL vulnerabilities announced on October 25th 2022, fixed in version 3.0.7. As part of our standard processes, we are rolling out fixes for impacted services. Any customer action that is required will be highlighted in this blog and our associated Security Update Guides (CVE-2022-3786 Security Update Guide and CVE-2022-3602 Security Update Guide).

Azure Storage now supports customer-managed keys using a key vault on a different Azure Active Directory tenant.

Secure your digital payment system in the cloud with Azure Payment HSM.

Beginning in November, Azure Databricks customers have an additional option for SQL compute, with Azure Databricks SQL Pro, which provides enhanced performance and integration features.

Use Device Update for IoT Hub to publish, distribute, and manage over-the-air updates for everything from tiny sensors to gateway-level devices.

Summary Summary Microsoft recently fixed an authentication bypass vulnerability in Jupyter Notebooks for Azure Cosmos DB (currently in preview) reported by Orca Security. Customers not using Jupyter Notebooks (99.8% of Azure Cosmos DB customers do NOT use Jupyter notebooks) were not susceptible to this vulnerability.
The bug was introduced on August 12th and fully patched worldwide on Oct 6th, two days after it was reported.