30 July 2024
Microsoft is reportedly investigating another ongoing and widespread outage blocking access to some Microsoft 365 and Azure services.
"We're currently investigating access issues and degraded performance with multiple Microsoft 365 services and features. More information can be found under MO842351 in the admin center," said Microsoft on X.
Users are struggling to connect to the Microsoft 365 admin centre and to open the Service Health Status page, which should provide real-time information on issues impacting Microsoft Azure and the Microsoft 365/Power Platform admin centres.
Microsoft asserts that this incident is only affecting a subset of users in Europe.
Update: Microsoft researchers initially reported a critical vulnerability in VMware’s ESXi hypervisors. Ransomware operators are exploiting this vulnerability to attack systems worldwide.
"While the security advisory for CVE-2024-37085 provided a moderate severity rating, a CVSSv3 score of 6.8 and Tenable Vulnerability Prioritization Rating of medium, successful exploitation can be catastrophic for impacted organizations," said Scott Caveza, staff research engineer at Tenable. "Microsoft’s analysis of compromised hosts provided valuable insights into the variety of methods that can be deployed to compromise ESXi hosts. All new and existing attack methods appear relatively simple and straightforward to exploit provided conditions exist that would allow for exploitation in the first place. While the complexity is low, an attacker first needs elevated privileges in order to modify the Active Directory (AD) configuration on the affected host. An attacker could take complete control of an ESXi host and access the contents of any underlying virtual machines (VMs)."
More: Microsoft has since confirmed that the outage was triggered by a distributed denial of service (DDoS) cyberattack. An 'unexpected usage spike' resulted in Azure Front Door and Azure Content Delivery Network components "performing below acceptable thresholds, leading to intermittent errors, timeout and latency spikes." The initial DDoS attack had activated Microsoft's DDoS protection mechanisms, but an error in the implementation of defenses "amplified the impact of the attack rather than mitigating it."