
Microsoft has incorporated additional improvements to address the recently disclosed SynLapse security vulnerability in order to meet comprehensive tenant isolation requirements in Azure Data Factory and Azure Synapse Pipelines.

The latest safeguards include moving the shared integration runtimes to sandboxed ephemeral instances and using scoped tokens to prevent adversaries from using a client certificate to access other tenants’ information.

“This means that if an attacker could execute code on the integration runtime, it is never shared between two different tenants, so no sensitive data is in danger,” Orca Security said in a technical report detailing the flaw.

In a statement shared with The Hacker News regarding the protections deployed, Microsoft said it fully mitigated different attack paths to the vulnerability across all integration runtime types.

The tech giant stated that it “contained and closely monitored the backend certificate for adversary activity and pivots, before rotation and revocation,” and that it “added additional defence in depth to backend API’s by moving to using activity isolated time-bound tokens instead of certificate.”
