1 year, 5 months ago

Microsoft fixes critical security vulnerability in Azure CLI

Microsoft fixed a critical security vulnerability that attackers could use to recover plaintext passwords and usernames from log files created by the affected CLI commands and published by Azure DevOps and GitHub Actions. The company has also implemented a new Azure CLI default configuration to bolster security measures, aiming to prevent accidental disclosure of sensitive information. “We’re expanding our credential redaction capabilities in GitHub Actions and Azure Pipelines to identify a wider number of recognizable key patterns in build logs and mask them,” Microsoft shared in a blog post. The company has also advised existing users to update Azure CLI to the latest release, avoid exposing Azure CLI output in logs or publicly accessible locations, and rotate keys on a regular basis.
