Technology
A bug left your Microsoft account wide open to complete takeover
/https%3A%2F%2Fblueprint-api-production.s3.amazonaws.com%2Fuploads%2Fcard%2Fimage%2F902674%2F7172b294-487c-4e22-8303-0e49c561f219.jpg)
Image: Miguel Candela/SOPA Images/LightRocket via Getty Images
2018-12-11 15:38:02 UTCBug bounty hunter Sahad Nk recently uncovered a series of vulnerabilities that left Microsoft users’ accounts — from your Office documents to your Outlook emails — susceptible to hacking.
While working as a security researcher with cybersecurity site , Nk discovered that he was able to take over the Microsoft subdomain, , because it wasn’t properly configured. This allowed the bug hunter to set up an Azure web app that pointed to the domain’s CNAME record, which maps domain aliases and subdomains to the main domain. By doing this, Nk not only takes control of the subdomain, but also receives any and all data sent to it.
This is where the second major vulnerability comes into play.
Microsoft Office, Outlook, Store, and Sway apps send authenticated login tokens to the subdomain. When a user logs in to Microsoft Live, login.live.com, the login token would leak over to the server controlled by Nk. He would then just have to send over an email to the user asking them to click a link, which would provide Nk with a valid session token — a way to log in to the user’s account without even needing their username or password. And, because Nk has access on Microsoft’s side, that link would come in the form of a login.live.com URL, bypassing phishing detection and even the savviest of internet users.
According to , the issues were reported to Microsoft in June. They were fixed just last month, in November.
!function(f,b,e,v,n,t,s){if(f.fbq)return;n=f.fbq=function(){n.callMethod?
n.callMethod.apply(n,arguments):n.queue.push(arguments)};if(!f._fbq)f._fbq=n;
n.push=n;n.loaded=!0;n.version=’2.0′;n.queue=[];t=b.createElement(e);t.async=!0;
t.src=v;s=b.getElementsByTagName(e)[0];s.parentNode.insertBefore(t,s)}(window,
document,’script’,’https://connect.facebook.net/en_US/fbevents.js’);
fbq(‘init’, ‘1453039084979896’);
if (window._geo == ‘GB’) {
fbq(‘init’, ‘322220058389212’);
}
if (window.mashKit) {
mashKit.gdpr.trackerFactory(function() {
fbq(‘track’, “PageView”);
}).render();
}
Petlibro’s new smart refrigerated wet food feeder is what your cat deserves
The books on your favorite creators’ TBR shelf
Xaira, an AI drug discovery startup, launches with a massive $1B, says it’s ‘ready’ to start developing drugs
Rabbit R1 hands-on review: Something is iffy about this
UK probes Amazon and Microsoft over AI partnerships with Mistral, Anthropic, and Inflection
‘Shōgun’ co-creators break down the finale: ‘It’s a story about death’
Tesla’s new growth plan is centered around mysterious cheaper models
Tesla’s in trouble. Is Elon Musk the problem?
Two widow founders launch DayNew, a social platform for people dealing with grief and trauma
Google Pixel 9 and Pixel 9 Pro: Release date, specs, new features, and other rumors
API startup Noname Security nears $500M deal to sell itself to Akamai
US think tank Heritage Foundation hit by cyberattack
NASA discovered bacteria that wouldn’t die. Now it’s boosting sunscreen.
How to watch ‘Argylle’: When and where is it streaming?
Tesla drops prices, Meta confirms Llama 3 release, and Apple allows emulators in the App Store
Tesla layoffs hit high performers, some departments slashed, sources say
TechCrunch Mobility: Cruise robotaxis return and Ford’s BlueCruise comes under scrutiny
Meta to close Threads in Turkey to comply with injunction prohibiting data-sharing with Instagram
Former top SpaceX exec Tom Ochinero sets up new VC firm, filings reveal
Tesla layoffs hit high performers, some departments slashed, sources say
Petlibro’s new smart refrigerated wet food feeder is what your cat deserves
The books on your favorite creators’ TBR shelf
Xaira, an AI drug discovery startup, launches with a massive $1B, says it’s ‘ready’ to start developing drugs
Rabbit R1 hands-on review: Something is iffy about this
UK probes Amazon and Microsoft over AI partnerships with Mistral, Anthropic, and Inflection
‘Shōgun’ co-creators break down the finale: ‘It’s a story about death’
Tesla’s new growth plan is centered around mysterious cheaper models
Tesla’s in trouble. Is Elon Musk the problem?
Two widow founders launch DayNew, a social platform for people dealing with grief and trauma
Google Pixel 9 and Pixel 9 Pro: Release date, specs, new features, and other rumors
-
Business6 days agoLangdock raises $3M with General Catalyst to help businesses avoid vendor lock-in with LLMs
-
Entertainment6 days agoWhat Robert Durst did: Everything to know ahead of ‘The Jinx: Part 2’
-
Entertainment6 days agoThis nova is on the verge of exploding. You could see it any day now.
-
Business5 days agoIndia’s election overshadowed by the rise of online misinformation
-
Business5 days agoThis camera trades pictures for AI poetry
-
Business6 days agoCesiumAstro claims former exec spilled trade secrets to upstart competitor AnySignal
-
Business4 days agoTikTok Shop expands its secondhand luxury fashion offering to the UK
-
Business7 days agoInternet users are getting younger; now the UK is weighing up if AI can help protect them
