Azure Service Fabric Critical Fix for Privilege Escalation Threat

Microsoft has fixed a container escape bug dubbed FabricScape in the Service Fabric (SF) application hosting platform that let threat actors escalate privileges to root, gain control of the host node, and compromise the entire SF Linux cluster.

Service Fabric is a platform for business-critical applications that hosts over 1 million apps, according to Microsoft data.

It also powers many Microsoft products, including but not limited to Azure SQL Database, Azure Cosmos DB, Microsoft Intune, Azure Event Hubs, Azure IoT Hub, Dynamics 365, Skype for Business, Cortana, Microsoft Power BI, and multiple core Azure services.