Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Microsoft closes Office 365 admin access vulnerability

21 Jan 2014   #1
Brink
Microsoft MVP

64-bit Windows 10
 
 
Microsoft closes Office 365 admin access vulnerability

Quote:
The vulnerability allowed users to create administrative accounts and take over a business' Office 365 implementation.

Microsoft has closed up a cross-site scripting (XSS) vulnerability in its Office 365 offering, allowing the security researcher who discovered it to explain how it was done.

Cogmotive co-founder Alan Byrne details how the vulnerability can be exploited on his company's blog, as well as in a YouTube video demonstration.

"This is a perfect example of a very simple exploit which has a huge possibility to cause billions of dollars' worth of damage. As we move further and further into the cloud, we need to be more and more aware of the potential security risks," he wrote.

The vulnerability stems from Microsoft's failure to sanitise input fields. Under the default implementation of Office 365, users are able to change their names. As the contents of this field are not checked, users can enter HTML code.
Read more at: Microsoft closes Office 365 admin access vulnerability | ZDNet


My System SpecsSystem Spec
.

Reply

 Microsoft closes Office 365 admin access vulnerability




Thread Tools





Similar help and support threads
Thread Forum
Microsoft Security Essentials Closes Immediately After Starting
Hey, When I open the MSE User Interface, it closes immediately. Maybe after 1 second or so. There is no error. However, the Antimalware Service Executable (MsMpEng.exe) is still running. I have uninstalled and reinstalled, following Uninstalling MSE - Microsoft Community, using Microsoft Fix It,...
System Security
Microsoft Office 2007 Access Queries
Hello. I am writing an Access Database which will hold a lot of information about software, books and whatever else I am going to store in there. (Yes, Data entry will take a long time, but not a problem). I have made a query which will search the Books database for Author, and I was wondering...
Microsoft Office
Microsoft Security Essentials Closes as soon it opens...
When I try to run Microsoft Security Essentials it opens but close instantly after. I have that little white flag with a red X on the bottom right of my screen. It says that I have to turn on Windows Security center service, but when I try to do so by clicking on the message, a window appears...
System Security
Microsoft Office Outlook 2007 problem when using Microsoft Office
:sleepy:When I sent a message and when I was using Microsoft Office Outlook 2003, I had an option that enabled me to add a photo following or preceding my text. This option enabled me to put a photo in the text area and place text under or above the photo explaining the photo. I am now running...
Microsoft Office
Microsoft fixes Office 2003 bug denying access to files
Source - Microsoft fixes Office 2003 bug denying access to files
Microsoft Office
Microsoft Confirms Attacks Targeting Critical 0-Day Office Excel Vulnerability
more: Softpedia
Microsoft Office

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 03:20.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App