Security News

Microsoft is investigating a known issue causing Microsoft 365 customers to experience significant delays when saving attachments in Outlook Desktop to a network share. Microsoft addressed a similar bug affecting apps in the Office Suite in February when the company acknowledged that the issue also impacted saving email attachments to a network share.

Microsoft Sharepoint and OneDrive for Business were briefly interrupted today after a German TLS certificate was mistakenly added to the main.com domains for the Microsoft 365 services. At approximately 3:08 PM ET today, a Microsoft 365 advisory 'SP659992' warned that users may be unable to access SharePoint Online and OneDrive for Business.

The North Korean state-sponsored Lazarus hacking group is breaching Windows Internet Information Service web servers to hijack them for malware distribution. South Korean security analysts at ASEC previously reported that Lazarus was targeting IIS servers for initial access to corporate networks.

Microsoft shared a workaround for Outlook Desktop blocking attempts to open IP address or fully qualified domain name hyperlinks after installing this month's security updates. "Outlook blocks opening FQDN and IP address hyperlinks after installing protections for Microsoft Outlook Security Feature Bypass Vulnerability released July 11, 2023," the company says.

Microsoft is further enhancing the Windows 11 Enhanced Phishing Protection by testing a new feature that warns users when they copy and paste their Windows password into websites and documents. With the release of Windows 11 22H2, Microsoft introduced a new security feature called Enhanced Phishing protection, designed to protect your Windows and Active Directory domain credentials from being obtained by threat actors.

Microsoft will retire the Windows Mail and Calendar applications on Windows 10 and Windows 11 at the end of the year, first auto-migrating users to the new Outlook for Windows app in August. Initially developed for Windows 10, Windows Mail and Calendar are built-in Windows applications that provide an easy-to-use application for retrieving your email and scheduling events, tasks, and appointments.

A stolen Microsoft security key may have allowed Beijing-backed spies to break into a lot more than just Outlook and Exchange Online email accounts. Microsoft still, to the best of our knowledge, does not know how this incredibly powerful private signing key was obtained, and has revoked that key.

The Microsoft consumer signing key stolen by Storm-0558 Chinese hackers provided them with access far beyond the Exchange Online and Outlook.com accounts that Redmond said were compromised, according to Wiz security researchers. While Microsoft said that only Exchange Online and Outlook were impacted, Wiz says the threat actors could use the compromised Microsoft consumer signing key to impersonate any account within any impacted customer or cloud-based Microsoft application.

The Microsoft private encryption key stolen by Storm-0558 Chinese hackers provided them with access far beyond the Exchange Online and Outlook.com accounts that Redmond said were compromised, according to Wiz security researchers. While Microsoft said that only Exchange Online and Outlook were impacted, Wiz says the threat actors could use the compromised Azure AD private key to impersonate any account within any impacted customer or cloud-based Microsoft application.

According to cloud security company Wiz, the inactive Microsoft account consumer signing key used to forge Azure Active Directory tokens to gain illicit access to Outlook Web Access and Outlook.com could also have allowed the adversary to forge access tokens for various types of Azure AD applications. Wiz's analysis fills in some of the blanks, with the company discovering that "All Azure personal account v2.0 applications depend on a list of 8 public keys, and all Azure multi-tenant v2.0 applications with Microsoft account enabled depend on a list of 7 public keys."