Security News > 2016 > April > Microsoft plugs online services account hijacking vulnerability (Help Net Security)
London-based security researcher and bug hunter Jack Whitton has discovered a serious cross-site request forgery flaw affecting Microsoft’s authentication system for online services. A successful exploitation of the vulnerability could allow attackers to collect users’ login tokens and use them to impersonate users on Microsoft’s services, but the good news is that the Redmond giant took only two days to plug the security hole once they knew about it. “Microsoft, being a huge company, have … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/1kvGgeaGiBg/
Related news
- Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel (source)
- Microsoft Entra "security defaults" to make MFA setup mandatory (source)
- Setting a security standard: From vulnerability to exposure management (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)
- Microsoft Ignite 2024 Unveils Groundbreaking AI, Security, and Teams Innovations (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Microsoft announces new and improved Windows 11 security features (source)
- Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity (source)
- Microsoft 365 outage impacts Exchange Online, Teams, Sharepoint (source)