Houston, we had a problem! A recently discovered series of vulnerabilities left your Microsoft Account out in the open for complete takeover, with everything from Office to Outlook susceptible to hacking.
A security researcher discovered this bug: a Microsoft subdomain was not properly configured, which allowed the bug hunter to set up an Azure web app under the hostname that the subdomain's CNAME record still pointed to.
CNAME records are used to map domain aliases and subdomains to another hostname; if that target hostname has been abandoned, whoever registers it inherits the traffic meant for the alias.
By doing this, the researcher not only took control of that particular subdomain, but he was also able to receive any and all data sent to it.
In other words, whenever a user logged into a Microsoft service, the login token would be sent over to the server controlled by the researcher, giving him a valid session token that could be used to log in as that user, with no phishing lure involved that detection tools could flag.
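The weakness described above is a dangling CNAME: the subdomain still points at a cloud hostname nobody owns any more. The following script is an added example written for this article, not the researcher's or Microsoft's code; it audits a zone's CNAME records and flags targets that no longer resolve, rating those in a claimable cloud family (such as azurewebsites.net) highest. The sample records, the offline stand-in resolver and the list of claimable suffixes beyond azurewebsites.net are assumptions for demonstration.

```python
"""Dangling-CNAME audit (added example, not code from the article).

Flags alias -> target pairs where the target hostname no longer resolves.
A target that is both unresolvable and in a cloud family where anyone can
register a name is the classic subdomain-takeover condition.
"""
import socket
from typing import Callable, Dict, List

# Hostname families where an unreferenced name can be registered by any
# account holder. azurewebsites.net is the Azure web-app family used in the
# article's takeover; the other two are listed here as assumptions.
CLAIMABLE_SUFFIXES = ("azurewebsites.net", "cloudapp.net", "trafficmanager.net")

Resolver = Callable[[str], str]

def _is_claimable(target: str) -> bool:
    return any(target == s or target.endswith("." + s) for s in CLAIMABLE_SUFFIXES)

def _resolves(hostname: str, resolver: Resolver) -> bool:
    """True if the resolver returns an address; any lookup failure
    (NXDOMAIN, SERVFAIL, missing entry in a stub) counts as unresolvable."""
    try:
        resolver(hostname)
        return True
    except (OSError, KeyError):  # socket.gaierror is a subclass of OSError
        return False

def audit_cnames(records: Dict[str, str],
                 resolver: Resolver = socket.gethostbyname) -> List[dict]:
    """Rate each CNAME record. Severity:
    high   - target unresolvable and in a claimable family (takeover possible)
    medium - target unresolvable, family unknown (investigate)
    low    - target resolves but is in a claimable family (confirm ownership)
    Healthy records produce no finding."""
    order = ("high", "medium", "low")
    findings = []
    for alias, target in records.items():
        target = target.rstrip(".").lower()
        claimable = _is_claimable(target)
        alive = _resolves(target, resolver)
        if not alive and claimable:
            severity = "high"
        elif not alive:
            severity = "medium"
        elif claimable:
            severity = "low"
        else:
            continue
        findings.append({"alias": alias, "target": target, "severity": severity})
    return sorted(findings, key=lambda f: order.index(f["severity"]))

# Constructed sample zone data (assumed, not from the article).
SAMPLE_RECORDS = {
    "success.example.com": "retired-campaign.azurewebsites.net",  # app deleted
    "store.example.com": "live-store.azurewebsites.net",          # still running
    "blog.example.com": "ghost.legacy-hoster.example.net",        # hoster gone
    "www.example.com": "web.example.com",                         # healthy
}

# Offline stand-in for DNS so the example runs without network access:
# only these targets "exist"; everything else raises KeyError.
_FAKE_DNS = {
    "live-store.azurewebsites.net": "203.0.113.10",
    "web.example.com": "203.0.113.20",
}

def fake_resolver(hostname: str) -> str:
    return _FAKE_DNS[hostname]

def sample_findings() -> List[dict]:
    return audit_cnames(SAMPLE_RECORDS, fake_resolver)

if __name__ == "__main__":
    for f in sample_findings():
        print(f"[{f['severity']:6}] {f['alias']} -> {f['target']}")
```

Run against real zone data by passing the exported CNAME records and leaving the default `socket.gethostbyname` resolver in place; a "high" finding means the alias should be deleted or re-pointed before anyone else registers the target.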
Apparently, these critical issues were reported to Redmond in June, and they were fixed just last month, in November.
Microsoft Office, Store and Sway apps could be tricked into sending their authenticated login tokens to this newly controlled domain after a user logged in through the Microsoft Live login system.
That is to say, anyone's Office account, even enterprise and corporate ones, could theoretically have been hacked this way. A malicious hacker would have been able to easily access emails, documents and other files, while it would have been nearly impossible to tell a cybercriminal apart from a legitimate user.
Makes one shiver, just typing it!