Security News > 2024 > August > Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot

2024-08-27 06:09
Details have emerged about a now-patched vulnerability in Microsoft 365 Copilot that could enable the theft of sensitive user information using a technique called ASCII smuggling. "ASCII Smuggling is a novel technique that uses special Unicode characters that mirror ASCII but are actually not visible in the user interface," security researcher Johann Rehberger said. "This means that an attacker
News URL
https://thehackernews.com/2024/08/microsoft-fixes-ascii-smuggling-flaw.html
Related news
- Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts (source)
- Microsoft: March Windows updates mistakenly uninstall Copilot (source)
- Microsoft fixes Windows update bug that uninstalled Copilot (source)
- Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)
- AI agents swarm Microsoft Security Copilot (source)
- After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot (source)
- Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot (source)
- Microsoft: Licensing issue blocks Microsoft 365 Family for some users (source)
- Microsoft total recalls Recall totally to Copilot+ PCs (source)
- Tycoon2FA phishing kit targets Microsoft 365 with new tricks (source)