Security News > 2022 > October > Microsoft Office 365 email encryption could expose message content
Security researchers at WithSecure, previously F-Secure Business, found that it is possible to partially or fully infer the contents of encrypted messages sent through Microsoft Office 365 due to the use of a weak block cipher mode of operation.
Organizations use Office 365 Message Encryption to send or receive emails, both external and internal, to ensure confidentiality of the content from destination to source.
Harry Sintonen of WithSecure underlines that with Office 365 Message Encryption the content of the encrypted messages isn't directly decipherable, but structural information about those messages can be captured.
An attacker able to collect multiple encrypted messages can look for patterns that could lead to parts of the message to become gradually readable without the need of an encryption key.
To demonstrate that this can be achieved, Sintonen revealed the content of an image protected by Office 365 Message Encryption.
WithSecure recommends that until a more secure mode of operation becomes available, users and admins should stop using or trusting the Office 365 Message Encryption feature.
News URL
Related news
- Microsoft 365 Admin portal abused to send sextortion emails (source)
- Microsoft 365 outage takes down Office web apps, admin center (source)
- Microsoft Exchange adds warning to emails abusing spoofing flaw (source)
- ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)
- Microsoft now testing hotpatch on Windows 11 24H2 and Windows 365 (source)
- Microsoft 365 outage impacts Exchange Online, Teams, Sharepoint (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- New Rockstar 2FA phishing service targets Microsoft 365 accounts (source)
- Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses (source)
- Microsoft dangles $10K for hackers to hijack LLM email service (source)