A research team at security company Wiz discovered it was able to access keys that control access to databases held by thousands of companies.
Because Microsoft cannot change those keys by itself, it emailed the customers Thursday telling them to create new ones.
Microsoft agreed to pay Wiz 40,000 USD for finding the flaw and reporting it, according to an email it sent to Wiz.
Microsoft told Reuters the issue was fixed immediately to keep its customers safe and protected.
Microsoft's email to customers said there was no evidence the flaw had been exploited.