​

Microsoft released additional guidance on Open Management Infrastructure (OMI) vulnerabilities—CVE-2021-38645, CVE-2021-38649, CVE-2021-38648, and CVE-2021-38647—which impact Azure VM Management Extensions. According to Microsoft, “customers must update vulnerable extensions for their Cloud and On-Premises deployments as the updates become available…”

CERT Bulgaria encourages organizations to review Additional Guidance Regarding OMI Vulnerabilities within Azure VM Management Extensions for more information and to:

• ensure automatic updates are applied
• ensure manual updates are applied, as patches are made available
• restrict external access to Linux systems that expose OMI ports (TCP 5985, 5986, and 1270).