A Microsoft Office 365 Vulnerability Every Organization Should Be Aware Of

If you use Microsoft Office 365 products at work or at home, you should be aware of a serious vulnerability in the software. The way Microsoft Office 365 handled “federated identities” through Security Assertion Markup Language (SAML) allowed attackers to gain access to accounts, data, e-mail messages and files stored in the software’s cloud. Relying on the cloud for data storage is certainly en vogue, yet more and more stories are emerging about the cloud’s security weaknesses. The Microsoft Office 365 vulnerability is just the latest example of the problem with total reliance on the cloud for information storage and retrieval. Though Microsoft responded to the security exploit with a January 5 mitigation, it is still abundantly clear that cloud storage is fallible.


About SAML

SAML is a standard employed by businesses and other entities to exchange authentication and authorization information. It permits a single sign-on across a number of different websites, allowing for greatly improved efficiency. Microsoft’s use of SAML version 2.0 in its Office 365 software was flawed in that it did not validate the element known as the NameID. Instead, the exchange relied on other values for authentication; one such value is the IDPEmail attribute. The Service Provider relied on the Issuer of the Assertion but did not perform “sanity checks” on the IDPEmail attribute value, such as confirming that the e-mail domain actually belonged to that Issuer. As a result, it would readily consume assertions in which Identity Provider A claimed to have authenticated users of Identity Provider B.
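To make the missing “sanity check” concrete, the following Python snippet is an added example (not Microsoft’s code and not from the researchers who reported the flaw). It parses a minimal, constructed SAML assertion, then shows a consumer that trusts the Issuer and logs the user in as whatever IDPEmail says, beside a hardened consumer that additionally requires the IDPEmail domain to be one the Issuer is federated for. The federation registry, issuer URLs and e-mail addresses are hypothetical, and XML signature verification is assumed to have already happened before these functions run.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Hypothetical federation registry: which e-mail domains each Identity
# Provider (keyed by its Issuer value) is authoritative for.
FEDERATED_DOMAINS = {
    "https://idp.example-a.test/saml": {"example-a.test"},
    "https://idp.example-b.test/saml": {"example-b.test"},
}


def build_assertion(issuer, name_id, idp_email):
    """Construct a minimal assertion for the demo (sample data, not a real token)."""
    return f"""<saml:Assertion xmlns:saml="{NS['saml']}">
  <saml:Issuer>{issuer}</saml:Issuer>
  <saml:Subject><saml:NameID>{name_id}</saml:NameID></saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="IDPEmail">
      <saml:AttributeValue>{idp_email}</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""


def parse_assertion(xml_text):
    """Extract Issuer, NameID and the IDPEmail attribute from an assertion."""
    root = ET.fromstring(xml_text)
    issuer = root.findtext("saml:Issuer", namespaces=NS)
    name_id = root.findtext("saml:Subject/saml:NameID", namespaces=NS)
    idp_email = None
    for attr in root.findall("saml:AttributeStatement/saml:Attribute", NS):
        if attr.get("Name") == "IDPEmail":
            idp_email = attr.findtext("saml:AttributeValue", namespaces=NS)
    return issuer, name_id, idp_email


def accept_weak(xml_text):
    """Behaviour the article describes: the Issuer is known (and assumed
    signature-verified), so the user is logged in as IDPEmail with no check
    that the e-mail domain belongs to that Issuer."""
    issuer, _, idp_email = parse_assertion(xml_text)
    if issuer not in FEDERATED_DOMAINS or not idp_email:
        return None
    return idp_email.lower()


def accept_hardened(xml_text):
    """Hardened consumer: the Issuer must be known, NameID and IDPEmail must
    be present, and the IDPEmail domain must be one this Issuer is
    federated for. Cross-domain assertions are rejected."""
    issuer, name_id, idp_email = parse_assertion(xml_text)
    if issuer not in FEDERATED_DOMAINS or not name_id or not idp_email:
        return None
    local, sep, domain = idp_email.rpartition("@")
    if not sep or not local or domain.lower() not in FEDERATED_DOMAINS[issuer]:
        return None  # Issuer is not authoritative for this domain
    return idp_email.lower()


if __name__ == "__main__":
    legit = build_assertion("https://idp.example-a.test/saml", "alice", "alice@example-a.test")
    cross = build_assertion("https://idp.example-a.test/saml", "alice", "victim@example-b.test")
    print("legit  weak/hardened:", accept_weak(legit), accept_hardened(legit))
    print("cross  weak/hardened:", accept_weak(cross), accept_hardened(cross))
```

The weak consumer accepts both assertions; the hardened one accepts only the assertion whose IDPEmail domain matches the domains registered for the issuing Identity Provider, which is the kind of check a service provider needs before treating a federated attribute as a login identity.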

Details About the Attack

The Office 365 SAML service provider implementation vulnerability was first discovered by Kakavas, a Research and Technology Network company based in Greece. The firm found that the software’s weakness permitted the bypassing of federated domains through cross-domain authentication. The reach of this flaw was very broad: it encompassed Outlook Online, Skype for Business, OneDrive, OneNote and more. All in all, any Microsoft Office 365 product licensed by a company was vulnerable. Malicious individuals could take advantage of the vulnerability to obtain access to highly sensitive personal and corporate information, exposing in-house documents, e-mails and more. Organizations with domains configured as federated, and therefore affected by the vulnerability, included Verizon, Vodafone and British Airways.

Representatives from Kakavas report that the Office 365 flaw was surprisingly simple to exploit. The bug could have been present in the software since its public release, or it could have been introduced at any point since. To take advantage of the Office 365 weakness, an attacker merely needed a trial subscription to the software along with a SAML 2.0 Identity Provider installation. In-depth knowledge of SAML was not required to take advantage of the flaw. Once SAML SSO was established with Office 365, the attacker was well on the way to accessing the targeted user’s or company’s data. Attackers with extensive SAML knowledge could take this further by devising a tool that executes the attack automatically without requiring a SAML 2.0 Identity Provider. Nor was the weakness strictly limited to sign-ons with a SAML Identity Provider: the attack could be executed through Active Directory Federation Services as well.

Our IT Service Can Protect Your Company’s Computer Hardware, Software and Networks

LAN Infotech is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks and news. Contact us at (954) 717-1990 or send us an email at sales@laninfotech.com for more information.
