This talk will expose a new risk for cloud users that relates to software being run by the cloud providers within the customer cloud. Attendees will hear a chain of critical vulnerabilities found in Azure built-in VM agents affecting almost every customer using Azure. The key question is who owns the fix? The users don’t even know these agents are running!