Hometech newsMicrosoft Email Spoofing Vulnerability: Security Expert's Revelation

Microsoft Email Spoofing Vulnerability: Security Expert’s Revelation

A recent finding by cybersecurity expert Vsevolod Kokorin, known online as Slonser, has revealed a significant vulnerability allowing malicious actors to spoof Microsoft corporate emails.

Slonser shared a screenshot on X, illustrating an email that seemed to originate from [email protected]. Despite alerting Microsoft to this issue, the company initially failed to replicate the vulnerability and dismissed it as irrelevant. Slonser then provided a detailed video demonstration and a proof-of-concept, yet Microsoft still couldn’t reproduce the flaw.

Extensive Attack Surface

Frustrated by Microsoft’s response, Slonser decided to publicly disclose his findings online. His post gained substantial attention, amassing over 118,000 views. Subsequently, Microsoft reopened one of Slonser’s previously submitted reports.

This vulnerability, affecting Outlook accounts, impacts approximately 400 million users. Spoofing emails from trusted brands like Microsoft could enable highly convincing phishing attacks, posing a significant security threat.

Security Researchers Identify Vulnerability in Microsoft Email Spoofing

Unclear Origins and Microsoft’s Response

It remains uncertain whether Slonser was the first to discover this flaw or if it had already been exploited by others. This revelation comes on the heels of a series of security breaches involving Chinese threat actors accessing emails of high-ranking US officials. In response, Microsoft has announced a comprehensive overhaul of its security practices, prioritizing cybersecurity above all else.

Must Read

JVC DLA-NZ800

JVC DLA-NZ800 4K Laser Projector Review: Exceptional HDR Performance

The JVC DLA-NZ800 projector excels with top-tier 4K visuals, advanced HDR tone mapping, and premium features, making it an ideal choice for high-end home theaters.