Azure Monitor Agent Fluent Bit CVE-2024-4323.

B T 5 Reputation points
2024-06-17T09:51:44.58+00:00

Hello, two questions about Azure Monitor Agent Fluent Bit exe in regards to CVE-2024-4323.

AMA agent installation is using fluent-bit.exe in version 2.0.9 (location C:\Program Files\Azure Monitor Agent\Monitoring\Agent\fluent-bit.exe)

I would like to ask:

  1. When Microsoft will release not vulnerable AMA client?
  2. How to update already installed AMA agents? In my environment I have it installed on Azure Arc enabled and standalone machines.

Best regards,
Paweł Smok

Azure Monitor
Azure Monitor
An Azure service that is used to collect, analyze, and act on telemetry data from Azure and on-premises environments.
3,224 questions
Microsoft Sentinel
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
1,129 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Pauline Mbabu 330 Reputation points Microsoft Employee
    2024-09-23T14:36:18.12+00:00

    Hello,
    Thank you for your question.
    The Azure Monitor Agent released an update in May that covered the Upgraded Fluent-bit version to 3.0.5. This Fix resolves as security issue in fluent-bit (NVD - CVE-2024-4323 (nist.gov).
    Reference doc: https://video2.skills-academy.com/en-us/azure/azure-monitor/agents/azure-monitor-agent-extension-versions

    Updating Already Installed AMA Agents: To update the already installed AMA agents, you should upgrade to the latest version of the Fluent Bit component. You can follow the standard update procedures for your environment to ensure all agents are updated to the latest secure version.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.