![kaseya agent update red text kaseya agent update red text](https://support.itglue.com/hc/article_attachments/360008380377/Executing_VSA_automation_in_IT_Glue_-_DRAFT_-_Google_Docs.png)
If you don’t know what’s hidden in the services and products you use every day, how can you manage the risk? One of the biggest challenges in preventing them is that our digital supply chain is not transparent.
![kaseya agent update red text kaseya agent update red text](https://venturebeat.com/wp-content/uploads/2020/02/revl-app-trio.jpg)
Supply chain cyberattacks have disrupted everyday life and dominated headlines this year. Azure Linux machines are not configured to the repository where the fixed OMI version is located Update September 14, 2:00PM EST - Microsoft's remediation guidance is not effective. Vulnerable OMI versions are still deployed to new Linux VMs when enabling these services Update September 14, 3:30PM EST - Microsoft's remediation guidance was fixed after Wiz approached MSRC. Update September 15, 10:00AM EST - As of now, the affected Azure services (see list below) haven't been fixed. Update September 16, 07:00AM EST - The list of impacted services was updated thanks to individuals who approached Wiz (credit below). Follow the updated mitigation guidance by MSRC.
![kaseya agent update red text kaseya agent update red text](https://helpdesk.kaseya.com/hc/article_attachments/4404041176593/blobid0.png)
#KASEYA AGENT UPDATE RED TEXT MANUAL#
Existing machines onboarded to impacted services still require manual update. Azure Log Analytics and others are yet to be patched. Update September 17, 06:00AM EST - Microsoft has started updating impacted Azure services. We urge customers to follow the remediation steps below. Update September 17, 10:00AM EST - Wiz's threat research team is aware of wide active exploitation attempts of OMIGOD by malicious DDoS botnets (Mirai) and cryptominers. Microsoft also clarified which instances will still require manual patching, see details. Update September 18, 08:00AM EST - Microsoft updated its advisory and declared an auto-update for their PaaS service offerings that use vulnerable VM extensions by September 22, 2021.