Office 365 vulnerability opens OneDrive files to ransomware attacks

Cybersecurity researchers from Proofpoint have detected that an Office 365 vulnerability is exposing files being stored on Microsoft SharePoint and OneDrive to hackers launching ransomware attacks. Research has found that the files which are being stored through the auto-save feature to the cloud are being intercepted by hackers.

The attack chain works simply by compromising the account credentials of MS Office 365 users and then hijacking their accounts to data steal and then encryption data stored on SharePoint and OneDrive cloud environments.

Interestingly, the vulnerability can also give hackers an opportunity to attack all modifying versions and encrypt them to the core.

American tech giant Microsoft(MS) responded to the report of ProofPoint sensibly and stated that its versioning settings were working perfectly and the claims made by the security firm were hard to prove.

Microsoft has also issued a statement that it has fixed the flaw that hackers can exploit on Windows machines operating on Arm Chips. The Windows 11 giant said that it has issued a fix on Tuesday that would rectify a problem that might prevent users from login into Azure Active Directory (AAD).

So, all those apps that were using AAD for sign-in, like Microsoft Teams, VPN connections, and Outlook, would be saved from hitting news headlines for being hacked.

MS also admitted that after installing the update, some .NET Framework 3.5 apps may be blocked from opening files. And the only thing admins can do to remediate the situation is by re-enabling .NET Framework 3.5 and the Windows Communication Foundation in Windows Features.


Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display