Josh-CO Dev

Solving the worlds problems one line of code at a time.

Severe Office 365 Token Disclosure Vulnerability

Leave a comment


My organization is doing what many organizations that use Microsoft products are doing right now, and that is evaluating Office 365. I think it’s safe to say that the response from the Security team has been overwhelmingly that it is a bad idea from the get go, especially with the amount of confidential data that we have. On top of this, it is a lot more expensive compared to our internal, secure hosting that we are using now. Suffice to say, I was incredibly joyful when I stumbled across an article last night showcasing a severe vulnerability for Office 365. Check it out at: Office 365 Vulnerability

Now, this is being released because Microsoft is about to patch it, but it has been around since at least April, and most likely longer, and there are probably many other security issues as well. It’s always nice to see articles such as this when as Microsoft sales reps are constantly telling you just how secure everything is, how there are no problems, and it is just as secure as the internal hosting we’re using now. We all know it’s a line of bullshit, but it is nice to have the proper validation.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s