Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Microsoft closes Office 365 admin access vulnerability

21 Jan 2014   #1
Microsoft MVP

64-bit Windows 8.1 Enterprise
 
 
Microsoft closes Office 365 admin access vulnerability

Quote:
The vulnerability allowed users to create administrative accounts and take over a business' Office 365 implementation.

Microsoft has closed up a cross-site scripting (XSS) vulnerability in its Office 365 offering, allowing the security researcher who discovered it to explain how it was done.

Cogmotive co-founder Alan Byrne details how the vulnerability can be exploited on his company's blog, as well as in a YouTube video demonstration.

"This is a perfect example of a very simple exploit which has a huge possibility to cause billions of dollars' worth of damage. As we move further and further into the cloud, we need to be more and more aware of the potential security risks," he wrote.

The vulnerability stems from Microsoft's failure to sanitise input fields. Under the default implementation of Office 365, users are able to change their names. As the contents of this field are not checked, users can enter HTML code.
Read more at: Microsoft closes Office 365 admin access vulnerability | ZDNet

My System SpecsSystem Spec
.

Reply

 Microsoft closes Office 365 admin access vulnerability




Thread Tools



Similar help and support threads for2: Microsoft closes Office 365 admin access vulnerability
Thread Forum
Microsoft Security Essentials Closes Immediately After Starting System Security
Microsoft Office 2007 Access Queries Microsoft Office
Microsoft Security Essentials Closes as soon it opens... System Security
Microsoft fixes Office 2003 bug denying access to files Microsoft Office
Microsoft Confirms Attacks Targeting Critical 0-Day Office Excel Vulnerability Microsoft Office

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 04:33 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33