{"id":40824,"date":"2021-05-11T15:09:53","date_gmt":"2021-05-11T15:09:53","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/32277\/Vulnerability-Attacks-Weakness-In-Microsoft-Azure-VM-Extensions.html"},"modified":"2021-05-11T15:09:53","modified_gmt":"2021-05-11T15:09:53","slug":"vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/","title":{"rendered":"Vulnerability Attacks Weakness In Microsoft Azure VM Extensions"},"content":{"rendered":"<div class=\"wysiwyg\">\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" loading=\"lazy\" width=\"1024\" height=\"682\" src=\"https:\/\/www.scmagazine.com\/wp-content\/uploads\/2021\/04\/GettyImages-1207074418-1-1024x682.jpg\" alt class=\"wp-image-122621\" srcset=\"https:\/\/www.scmagazine.com\/wp-content\/uploads\/2021\/04\/GettyImages-1207074418-1-1024x682.jpg 1024w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/2021\/04\/GettyImages-1207074418-1-300x200.jpg 300w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/2021\/04\/GettyImages-1207074418-1-768x512.jpg 768w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/2021\/04\/GettyImages-1207074418-1-860x573.jpg 860w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/2021\/04\/GettyImages-1207074418-1-156x104.jpg 156w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/2021\/04\/GettyImages-1207074418-1-312x208.jpg 312w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/2021\/04\/GettyImages-1207074418-1-640x427.jpg 640w, https:\/\/www.scmagazine.com\/wp-content\/uploads\/2021\/04\/GettyImages-1207074418-1.jpg 1280w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\"><figcaption>Researchers at Intezer released details behind a previously undisclosed vulnerability that could allow Microsoft Azure users with low-level privileges to leak private data from any virtual machine extension plugged into their cloud environment. (Photo by Jeenah Moon\/Getty Images)<\/figcaption><\/figure>\n<p>Researchers at Intezer released details behind a previously undisclosed vulnerability that could allow Microsoft Azure users with low-level privileges to leak private data from any virtual machine extension plugged into their cloud environment.<\/p>\n<p>Microsoft\u2019s Azure Virtual Machine Linux uses an integrated plugin system that allows users to install first and third-party applications. In order to manage and update those installations, Azure installs a guest agent on systems to help coordinate and configure extension files. One of those communications takes place with an HTTP service called Wire Server that is used by Azure\u2019s VM manager and helps users to query sensitive but encrypted data beyond what those extensions are authorized to access.<\/p>\n<p>Decrypting these data require a private key and transport certificate, both of which the researchers were able to forge due to the fact that the certificates endpoint doesn\u2019t validate transport certificates. While the IP address used to communicate with Azure components has a rule in place to automatically drops packets from anyone but the root user, the researchers discovered that the same machine is also connected to another IP address. By directing their requests to that second IP, Intezer was able to communicate with the server despite not having a privileged account.<\/p>\n<p>The vulnerability was quietly patched in March, Ari Etan, but vice president of research at Intezer said they first discovered the flaw and informed Microsoft late last year. Etan said without internal Microsoft data, they are unable to confirm whether it has ever been exploited in the wild, but Microsoft\u2019s <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-27075\" target=\"_blank\" rel=\"noreferrer noopener\">CVE entry<\/a> indicates it has not.<\/p>\n<p>According to Eitan, the flaw would first require an attacker to have an unprivileged or low-level user account on a victim\u2019s cloud environment. Then, it would need to be paired with another vulnerability, <a href=\"https:\/\/www.guardicore.com\/labs\/recovering-plaintext-passwords-azure\/\">like this one<\/a>, that can recover plaintext passwords from Azure VM environments. Eitan said this is likely only one of multiple pathways to exploit the flaw, and that the Guardicore vulnerability they settled on was just the first one they tested.<\/p>\n<p>\u201cTo be honest we were looking for the fast track here, so maybe there are other vulnerabilities we could use\u2026or find something from scratch, but [vulnerability chaining] is the path we wanted to go because we wanted to show the quick value from an attacker\u2019s perspective,\u201d he said.<\/p>\n<p>Microsoft appears well aware of the way attackers are using Azure extensions, including to create or modify user privileges. <a href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/03\/09\/azure-lolbins-protecting-against-the-dual-use-of-virtual-machine-extensions\/\" target=\"_blank\" rel=\"noreferrer noopener\">Earlier this year<\/a> the company said that Azure extensions for VMAccess, custom scripts and anti-malware are all being actively leveraged in attacks against client cloud environments; used to elevate privileges, mine cryptocurrency and disable security protections.<\/p>\n<p>\u201cThere is no doubt that the VMAccess Extension is a handy way for an attacker to gain initial access to VMs with elevated privileges,\u201d Microsoft wrote in March. \u201cSuch notorious usages of the extension may sometimes be difficult to notice. As an example, leveraging VM Access to create a common service user or modifying an existing one.\u201d<\/p>\n<p>Eitan said in this case, because the flaw was in Microsoft\u2019s code, there is little that businesses could have done pre-patch to protect themselves, though following cybersecurity basics like having distinct passwords for different endpoints could have limited the damage.<\/p>\n<p>However, he emphasized that one of the biggest drivers of cloud insecurity today is the lackadaisical approach of users who believe that their cloud provider is the only one responsible for securing their assets, when in reality it is often a two-way street.<\/p>\n<p>\u201cI have a lot of discussions with Cloud and DevSecOps [people], sometimes they think once we publish a vulnerability on Azure, they have the feeling that Azure is in charge of security in the cloud and not them, and that\u2019s not the message I want to deliver,\u201d said Eitan. \u201cAzure is in charge of their part but you\u2019re in charge of your part and mixing them together, that\u2019s what you need to do to stay protected.\u201d<\/p>\n<\/p><\/div>\n<section class=\"post-tags\">\n<h2>Topics:<\/h2>\n<p> <a href=\"https:\/\/www.scmagazine.com\/tag\/cloud\/\" class=\"button -secondary\">Cloud<\/a> <a href=\"https:\/\/www.scmagazine.com\/tag\/vulnerability-management\/\" class=\"button -secondary\">Vulnerability Management<\/a> <\/section>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/32277\/Vulnerability-Attacks-Weakness-In-Microsoft-Azure-VM-Extensions.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":40825,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[5505],"class_list":["post-40824","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackermicrosoftflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Vulnerability Attacks Weakness In Microsoft Azure VM Extensions 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerability Attacks Weakness In Microsoft Azure VM Extensions 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-05-11T15:09:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"682\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Vulnerability Attacks Weakness In Microsoft Azure VM Extensions\",\"datePublished\":\"2021-05-11T15:09:53+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/\"},\"wordCount\":717,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions.jpg\",\"keywords\":[\"headline,hacker,microsoft,flaw\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/\",\"name\":\"Vulnerability Attacks Weakness In Microsoft Azure VM Extensions 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions.jpg\",\"datePublished\":\"2021-05-11T15:09:53+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/#primaryimage\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions.jpg\",\"width\":1024,\"height\":682},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,microsoft,flaw\",\"item\":\"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermicrosoftflaw\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Vulnerability Attacks Weakness In Microsoft Azure VM Extensions\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerability Attacks Weakness In Microsoft Azure VM Extensions 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/","og_locale":"en_US","og_type":"article","og_title":"Vulnerability Attacks Weakness In Microsoft Azure VM Extensions 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-05-11T15:09:53+00:00","og_image":[{"width":1024,"height":682,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Vulnerability Attacks Weakness In Microsoft Azure VM Extensions","datePublished":"2021-05-11T15:09:53+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/"},"wordCount":717,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions.jpg","keywords":["headline,hacker,microsoft,flaw"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/","url":"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/","name":"Vulnerability Attacks Weakness In Microsoft Azure VM Extensions 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions.jpg","datePublished":"2021-05-11T15:09:53+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/05\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions.jpg","width":1024,"height":682},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/vulnerability-attacks-weakness-in-microsoft-azure-vm-extensions\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,microsoft,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermicrosoftflaw\/"},{"@type":"ListItem","position":3,"name":"Vulnerability Attacks Weakness In Microsoft Azure VM Extensions"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/40824","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=40824"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/40824\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/40825"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=40824"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=40824"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=40824"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}