‘Potentially dangerous’ Office 365 flaw discovered

2022-06-16 15:44

Security firm Proofpoint has uncovered what it calls a "Potentially dangerous piece of functionality" in Microsoft Office 365 that allows ransomware to encrypt files stored on SharePoint and OneDrive in a way that renders them unrecoverable without dedicated backups or a decryption key from the attacker.

Monetization: Now all original versions of the files are lost, leaving only the encrypted versions of each file in the cloud account.

"There are two ways to abuse the versioning mechanism to achieve malicious aims - either by creating too many versions of a file or by reducing the version limits of a document library."

"Ideally, complete external backups of cloud files with sensitive data on a regular basis, the company said."Don't rely only on Microsoft to provide backups through versioning of document libraries.

Increase restorable versions for the affected document libraries in your Microsoft 365 or Office 365 settings immediately.

Identify if any previous account compromise or risky configuration change alerts for this Office 365 account.

News URL

https://www.techrepublic.com/article/potentially-dangerous-office-365-flaw-discovered/

#365 #office #office365