Security researchers recently claimed to have found a flaw that could allow threat actors to spoof Microsoft corporate emails.
A cybersecurity researcher using the alias Slonser (full name Vsevolod Kokorin, according to TechCrunch) recently posted on X a revealing screenshot that appeared to show an email sent from the [email protected] email address.
In the post, Slonser said that after he notified Microsoft about the vulnerability, the company came back saying it couldn't reproduce it. In other words, Microsoft did not consider it relevant. The researcher then shared “a video with the exploit, a complete proof of concept,” to which Microsoft once again responded that it could not reproduce the flaw.
Large attack surface
“At this point, I decided to stop communicating with Microsoft,” Slonser said, and he just posted his findings online.
His post “exploded,” racking up more than 118,000 views at the time of this publication. The researcher later suggested to TechCrunch that Microsoft may have changed its mind: “Microsoft might have noticed my tweet because a few hours ago they reopened [sic] one of my reports that I had presented several months ago.”
The vulnerability apparently only works against Outlook accounts, but Outlook still has about 400 million users, so the attack surface is quite large. By spoofing major brands like Microsoft, threat actors could create convincing and highly dangerous phishing emails, so the threat posed by this vulnerability is real.
However, it is currently unknown whether Slonser was the first to find it, or whether someone else had already discovered it and abused it in attacks.
Recently, Microsoft has come under heavy public criticism after a series of security mishaps that resulted in Chinese threat actors reading emails belonging to high-ranking US government employees. As a result, Microsoft announced a complete review of its security practices and claimed to have put cybersecurity “above all.”
Via TechCrunch