Published 3 years ago • loading... • Updated 3 years ago

Microsoft Office 365 email encryption may not be as watertight as it seems

Summary by Ground News

Security researchers at WithSecure found that it is possible to partially or fully infer the contents of encrypted messages sent through Microsoft Office 365. The issue is due to the use of a weak block cipher mode of operation. Microsoft told WithSecure that the issue does not meet the bar for security servicing, nor is it considered a breach, hence there will be no patch for it.

6 Articles

VentureBeat

Center

Microsoft Office 365 vulnerability lets hackers sidestep email encryption

A WithSecure researcher has uncovered a Microsoft Office 365 vulnerability that enables hackers to infer the contents of encrypted emails.

3 years ago·San Francisco, United States

Read Full Article

Tech Radar

Center

Microsoft Office 365 email encryption may not be as watertight as it seems

There's a way to read the messages, a researcher claims, but Microsoft begs to differ

3 years ago·United Kingdom

Read Full Article

BleepingComputer

Center

Microsoft Office 365 email encryption could expose message content

Security researchers at WithSecure have discovered it's possible to partially or fully infer the contents of encrypted messages sent through Microsoft Office 365, highlighting an intrinsic weakness in the encryption scheme used.

3 years ago

Read Full Article

sophos.com

Serious Security: Microsoft Office 365 attacked over feeble encryption

How 2022 is your encryption?

3 years ago

Read Full Article

recfut.com

Microsoft disputes report on Office 365 Message encryption issue after awarding bug bounty

Microsoft is denying reports from a cybersecurity firm that there are issues with the Electronic Codebook (ECB) mode within Microsoft Office 365 Message Encryption.

3 years ago

Read Full Article