Auto-update of Azure Log Analytics agent and Diagnostics Extension for Linux extension available

Table of Contents1 Background2 New Feature3 Security Recommendations At Microsoft we are continuously working to harden our environment and make it easier for customers and partners to apply patches and updates. Monthly, Microsoft issues several updates during what is commonly referred to as “Patch Tuesday.” During Patch Tuesday, Microsoft assigns […]

At Microsoft we are continuously working to harden our environment and make it easier for customers and partners to apply patches and updates. Monthly, Microsoft issues several updates during what is commonly referred to as “Patch Tuesday.” During Patch Tuesday, Microsoft assigns Common Vulnerabilities and Exposure (CVE) numbers to cloud-based vulnerabilities when there is a specific message that we want to send about necessary action to take, either by our customers to protect themselves or by the industry to protect the ecosystem.

 

When Microsoft issues a CVE, there is almost always action required to be taken by the customer. In instances where customer action is required, Microsoft understands each customer has their own process and timeframe for applying updates. However, we recommend applying all updates as soon as possible.

 

As part of June’s “Patch Tuesday,” we issued CVE-2022-29149 to address a local Elevation of Privilege in Azure Open Management Infrastructure (OMI).

 

Over the past year, our team has been developing an Automatic Extension Upgrade feature and are excited to announce the availability of this capability for the Azure Log Analytics agent and Diagnostics extension for Linux.

 

Background

The Azure Log Analytics agent for Linux (aka OMS agent) and Diagnostics Extension for Linux (aka LAD agent) collects telemetry from Linux virtual machines. The OMS agent works in any cloud, on-premises machines, and machines monitored by System Center Operations Manager. Collected data is sent to your Log Analytics workspace in Azure Monitor. The Log Analytics agent also supports insights and other services in Azure Monitor such as VM insights, Microsoft Defender for Cloud, and Azure Automation. The LAD agent collects the same data types as OMS, but instead has the capability to send the collected data to a variety of data destinations, such as Azure Storage, Metrics, and Event Hub.

 

New Feature

On Azure Virtual Machines (VMs), the OMS and LAD agents could be installed as a virtual machine extension. Now, you can let the extension automatically update by turning on the “Automatic Extension Upgrade” option for the extensions. You can do this by setting the flag to true via API, CLI or PowerShell as documented here for OMS and here for LAD.

 

Security Recommendations

We strongly recommend enabling automatic updates for the OMS agent and LAD agent as soon as possible

  1. For the longer term, we recommend migrating to Azure Monitor agent that is not dependent on OMI. As communicated previously, the Log Analytics agent is on a deprecation path and will no longer be supported after August 31, 2024. As such, you must ensure migrating to the new Azure Monitor agent prior to that date. We also plan to bring the capabilities of the Diagnostics Extension for Linux (LAD) to Azure Monitor Agent at a later date.
  2. This update ensures that customers get important security or performance updates to the extension as soon as possible without manual overhead.

 

As always, we welcome feedback from customers and partners which supports our efforts to continuously harden our products and services. We want to thank the Wiz team for their collaboration and commitment to helping make Azure customers more secure.

Source Article

Next Post

Could Mexico’s rise in the furniture industry falter as Asia returns to normal?

Sat Sep 3 , 2022
HIGH POINT – Mexico’s meteoric rise as a place to manufacture furniture over the past few years is difficult to deny. The country’s furniture exports to the U.S. rose a whopping 61% in 2021 over 2020. Many furniture makers have recently set up operations there including Legends Furniture, New Classic […]