On July 14, 2026, Microsoft published a security advisory that should jolt every Azure administrator: a critical flaw in the Azure Monitor Agent Metrics Extension could allow an attacker on the same network to seize control of your virtual machines without needing any credentials. The vulnerability, CVE-2026-47632, is a stark reminder that the software silently watching your cloud servers can also become their weakest link.

What Actually Changed?

The Metrics Extension—a component of the Azure Monitor Agent that gathers performance counters from the guest operating system—was found to improperly validate digital certificates during its secure communications (Microsoft classifies it as CWE-295). In practice, this means an attacker with access to the same virtual network, or a connected on-premises segment via Azure Arc, could impersonate a trusted service that the extension normally talks to. Because the extension runs with elevated privileges to collect system-level metrics, a successful exploit gives the attacker that same level of access: they could read sensitive data, modify configurations, install malware, or disrupt operations. The attack requires no authentication, no user interaction, and can be automated once the adversary is network-adjacent.

Microsoft’s CVSS 3.1 score of 8.8—with the vector AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H—reflects the confluence of easy exploitation and catastrophic impact. Fixing the flaw required a simple upgrade: the Metrics Extension patch bumps the version to 1.65. All prior releases, starting from 1.0.0, are vulnerable. The National Vulnerability Database had not yet provided an independent severity score at the time of publication, but Microsoft’s detailed vector leaves no doubt about the urgency.

Who Needs to Act? (And Who Doesn’t)

If you’re a home user with a single Azure VM running a lab environment, your risk is real but manageable: upgrade the extension and move on. For enterprises managing dozens, hundreds, or thousands of Azure VMs, virtual machine scale sets, and Azure Arc-enabled servers, this is a fire drill. The extension is often deployed automatically by Azure Policy, VM Insights onboarding, or default images, so many organizations may not even realize they’re running it. Worse, traditional OS patch management tools won’t report on extension versions; your Windows Server may show “all updates installed,” but that says nothing about the Metrics Extension lurking inside.

The reach extends across hybrid estates. Azure Arc projects the same agent onto on-premises Windows and Linux servers, bridging your datacenter to the cloud. A compromised on-prem notebook connected via VPN could satisfy the “adjacent network” condition and pivot to these Arc-managed servers if they run an outdated extension. An attacker who has already breached a neighboring workload in your Azure virtual network could use this vulnerability to move laterally or escalate from a low-privilege container to full VM control.

How We Got Here

The Azure Monitor Agent is the modern replacement for the legacy Microsoft Monitoring Agent, adopted by many organizations over the past two years as Microsoft has pushed toward a unified telemetry pipeline. That transition brought a more modular design: instead of a single agent doing everything, you now deploy separate extensions for logs, metrics, and dependency tracking. While this architecture improves scalability, it also multiplies the components that need updating—and each one has its own version lifecycle.

Automatic Extension Upgrade has been available for years, but its behavior can puzzle even experienced admins. Microsoft rolls out updates gradually, so two identical VMs in the same region might not get a new extension version at the same time. Some organizations disable auto-upgrade to avoid untested changes, inadvertently creating a patching gap. Others enable it but never verify that it’s working, assuming that a green checkmark in the portal means everything is current. CVE-2026-47632 exposes the flaw in that assumption: without active verification, a portion of your fleet could remain dangerously exposed for days or weeks.

Version confusion also plays a role. The Azure Monitor Agent itself reports a top-level version (e.g., 1.30), but the Metrics Extension is a separate component with its own numbering. An admin who checks the AMA version alone might see 1.30 and think they are safe, when the Metrics Extension could be stuck at 1.64. The advisory explicitly calls out the Metrics Extension, so that’s what you must check.

What to Do Now: A Practical Action Plan

Upgrading the Metrics Extension to 1.65 is the only fix, but discovering every instance is the hard part. Here’s how to tackle it systematically:

1. Find Every Installation

Don’t rely on memory. Use Azure Resource Graph to run a Kusto query across all subscriptions:

Resources
| where type == \"microsoft.compute/virtualmachines/extensions\"
| where properties.type == \"AzureMonitorMetrics\" and properties.publisher == \"Microsoft.Azure.Monitor\"
| extend extensionVersion = properties.instanceView.version
| where extensionVersion < \"1.65\"
| project subscriptionId, resourceGroup, vmId = split(id, \"/\")[8], extensionVersion, location

This query is a template—you might need to adjust for your naming. For Arc-enabled servers, use microsoft.hybridcompute/machines/extensions. Export the results to a spreadsheet; you’ll need it for tracking.

2. Verify Auto-Upgrade Status

In the Azure portal, navigate to each VM’s “Extensions + applications” blade, select the Metrics extension, and check “Automatic upgrade.” If it’s off, turn it on only after you’ve manually upgraded to 1.65; otherwise, you might inadvertently delay the fix. For scale sets, update the VMSS model and ensure the upgrade policy applies to existing instances as well as new.

3. Manual Upgrade Steps

For a single VM, use the portal’s “Extensions” blade to reinstall the extension with the latest version (1.65 will be pulled automatically). For bulk operations, Azure PowerShell or CLI is your friend:

Set-AzVMExtension -ResourceGroupName \"rg-prod\" -VMName \"vm01\" -Name \"AzureMonitorMetrics\" -Publisher \"Microsoft.Azure.Monitor\" -ExtensionType \"AzureMonitorMetrics\" -TypeHandlerVersion \"1.65\"

Replace 1.65 with the actual latest version if it has since incremented, but never go below it. After upgrading, confirm the extension’s provisioningState becomes Succeeded and metrics start flowing again in Azure Monitor. If metrics stall, a restart of the Azure Monitor Agent service (MSFT_AMA on Windows, ama-metrics on Linux) often resolves the issue.

4. Patch Your Templates and Images

Search your code repositories for references to the Metrics extension version (like typeHandlerVersion). In ARM templates, Bicep, or Terraform, pin to 1.65 or use a variable that always points to the latest. Rebuild any golden images used in scale sets or AVD pools to include the fixed extension. If you use Azure Image Builder, update the install script.

5. Look for Breaches

The advisory doesn’t indicate active exploitation, but the window between disclosure and widespread attacks is narrowing. Check Azure Sentinel/Defender for unusual authentication attempts, certificate validation errors in the Windows event logs (Event ID 36887 might indicate a TLS failure), or anomalous outbound connections from VMs running the vulnerable extension. Focus on machines that were exposed before July 14.

6. Enforce Future Compliance

Create an Azure Policy that audits for the correct Metrics Extension version. Microsoft’s built-in “Audit Windows VMs on which the Azure Monitor Agent is not installed” isn’t enough—you need a custom policy to check the version. Deploy it in audit mode first; then enforce a deny or modify action once you’re confident it won’t break monitoring. Consider also using Azure Advisor’s security recommendations, which may soon reflect this CVE.

Outlook: Agent Security Will Move Center Stage

Microsoft will likely accelerate its efforts to make extension versions more transparent and easier to manage at scale. Expect improved dashboards in Azure Monitor and Azure Arc that show, at a glance, the update status of all agents. The security community may also develop more granular policy definitions for controlling extension versions. In the meantime, treat every agent—whether for monitoring, backup, or security—as a critical piece of software that needs the same rigorous patch management as your OS kernel. The July 14 patch is a one-time fix, but the lesson is ongoing: cloud observability is a two-way mirror.