Security News > 2020 > September > MFA Bypass Bugs Opened Microsoft 365 to Attack

Bugs in the multi-factor authentication system used by Microsoft's cloud-based office productivity platform, Microsoft 365, opened the door for hackers to access cloud applications via a bypass of the security system, according to researchers at Proofpoint.

The flaws exist in the implementation of what is called the WS-Trust specification in cloud environments where WS-Trust is enabled and used with Microsoft 365, formerly called Office 365.

"Due to the way Microsoft 365 session login is designed, an attacker could gain full access to the target's account," Itir Clarke, senior product marketing manager for Proofpoint's Cloud Access Security Broker, in a report posted online Tuesday.

She said the Microsoft implementation of the standard gives attackers a number of ways to bypass MFA and access its cloud services, paving the way for various attacks-including real-time phishing, channel hijacking and the use of legacy protocols.

The WS-Trust protocol, Proofpoint said, opens the door for attackers to exploit Microsoft 365 cloud services to multiple attack scenarios.

News URL

https://threatpost.com/flaws-in-microsoft-365s-mfa-access-cloud-apps/159240/