ama-logs pod missing critical windows updates

[MattGirolami]

Hi All,

In Azure AKS, the latest ama-logs pod (mcr.microsoft.com/azuremonitor/containerinsights/ciprod:win-3.1.24) is based on a Windows build from September 2024. That build is vulnerable to an Important severity vulnerability, CVE-2024-49039. While this CVE has a known exploit related to Windows Task Scheduler, it is likely not a valid finding on containers.

However, common vulnerability scanners pick this up and flag it as a critical issue (remediated by KB5046616, OS Build 20348.2849).

I would like to request a new version be published based with the latest Windows patches included.

[ganga1980]

Hi, @MattGirolami - thanks for reporting this. We are working on releasing the mcr.microsoft.com/azuremonitor/containerinsights/ciprod:win-3.1.25 and this should address this CVE. The tentative ETA to get the rollout complete by mid of Feb.