Security News > 2024 > August > Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot
2024-08-27 06:09
Details have emerged about a now-patched vulnerability in Microsoft 365 Copilot that could enable the theft of sensitive user information using a technique called ASCII smuggling. "ASCII Smuggling is a novel technique that uses special Unicode characters that mirror ASCII but are actually not visible in the user interface," security researcher Johann Rehberger said. "This means that an attacker
News URL
https://thehackernews.com/2024/08/microsoft-fixes-ascii-smuggling-flaw.html
Related news
- Microsoft Delays Windows Copilot+ Recall Release Over Privacy Concerns (source)
- ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)
- Microsoft 365 Admin portal abused to send sextortion emails (source)
- Microsoft now testing hotpatch on Windows 11 24H2 and Windows 365 (source)
- Microsoft rolls out Recall to Windows Insiders with Copilot+ PCs (source)
- Microsoft 365 outage impacts Exchange Online, Teams, Sharepoint (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- New Rockstar 2FA phishing service targets Microsoft 365 accounts (source)
- Microsoft expands Recall preview to Intel and AMD Copilot+ PCs (source)
- Microsoft 365 outage takes down Office web apps, admin center (source)