Security News > 2020 > May > Microsoft gives Office 365 admins the heads-up: Some internal queries over weekend might have returned results from completely different orgs
Microsoft had to warn a subset of Office 365 administrators over the weekend that their organisation might have inadvertently featured in an outsider's internal search results.
Register reader Dusty shared the notification, which read: "Under extremely rare circumstances, users performing internal search queries may have received search results from another organization."
Tenant administrators were advised to run the commands "To identify the exact search query results data which were inadvertently viewed".
Hands up all those who have accidentally done a SQL outer join and sat baffled at the results before hideous realisation dawned? Not that we're suggesting this is what happened here - Microsoft remains tight-lipped about the cause - but we like to show a bit of empathy every now and again.
Just as those few customers who found themselves briefly staring at another organisation's results will do as well... Microsoft hopes.
News URL
Related news
- Microsoft discloses Office zero-day, still working on a patch (source)
- Microsoft discloses unpatched Office flaw that exposes NTLM hashes (source)
- Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure (source)
- Microsoft Office 2024 to disable ActiveX controls by default (source)
- Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security (source)
- Microsoft rolls out Office LTSC 2024 for Windows and Mac (source)