Welcome to the 72nd Edition of The Catch Block!

In this edition: ChaosDB causes chaos; MS builds a geothermal energy plant; five ways to communicate between services; Visual Studio theming; and TypeScript 4.4 is released.

Let's dive in!

A Major Vulnerability Discovered in Azure and CosmosDB

A few days ago, cloud security company Wiz made a shocking announcement: they had discovered and exploited a vulnerability in Microsoft's Azure and Cosmos DB services which allowed them to gain "complete and unrestricted access to the accounts and databases of several thousand Microsoft Azure customers".

They termed this vulnerability "ChaosDB" and announced it in a blog post, which you can read:

ChaosDB: How we hacked thousands of Azure customers’ databases | Wiz Blog
Wiz BlogNir Ohfeld and Sagi Tzadik

This story got picked up by the tech media companies, resulting in articles like this:

Thousands of Microsoft Consumers Affected by New Azure Cosmos Flaw
Here are other things you need to know about the “ChaosDB” flaw.
Tech TimesGriffin Davis

What was worse: even though Microsoft disabled this vulnerability as soon as they were notified, because it involved the primary read/write key on the customer's side, the customers impacted by this vulnerability are not safe until they regenerate their key.

Safe to say, this story will be on Microsoft's mind for the time being, which probably sucks for them because of the next story.

Microsoft Builds a Geothermal Energy Plant

550 feet below the expansion of Microsoft's campus in Redmond, WA is a new geothermal plant that will partially power the new buildings being constructed there:

The centerpiece of Microsoft’s massive new expansion is 550 feet underground
The crowning jewel of the tech giant’s new campus expansion isn’t a flying saucer or a glass mountain. It’s a geothermal energy plant—and one of the largest in North America.
Fast CompanyNate Berg

Even cooler: it'll be open to the public! Looking forward to checking this out if I ever make it up to Seattle.

This article is for paying subscribers only

Sign up now and upgrade your account to read the article and get access to the full library of articles for paying subscribers only.

Sign up now Already have an account? Sign in