Thursday, October 8, 2015

Microsoft Pays $24,000 To Researcher For Preventing Dangerous Outlook Worm

Email is, perhaps, the most hopelessly insecure of all web apps. For individuals and businesses it can be a nightmare attempting to keep hackers out of inboxes. This summer, Wesley Wineberg, a security researcher at Synack, found that to be all too true, discovering a bug affecting all services running over Microsoft’s Live.com, allowing malicious hackers to gain access to a user’s entire Outlook account.
Admittedly, there was plenty of trickery involved. Wineberg first analysed the way in which Outlook allowed other apps to access it, using a standard set of authentication code known as OAuth. He discovered he could create an “evil app” containing an OAuth bypass, only needing to trick a user into visiting a website, and they would effectively grant that naughty software access to everything in their account.
But for most hackers, this kind of vulnerability, known as a cross-site request forgery (CSRF), is all too common across the web. Typically, these attacks end as soon as the legitimate user logs out, but in the case of Outlook anyone abusing Wineberg’s vulnerability would have permanent access to the account, Wineberg said.
Most concerning of all, it could have been abused to create a nasty email worm, he added. “The real danger of this vulnerability is that it would be very easy to turn into the classic email worm of decades past. After the first victim is compromised, this vulnerability could be used to email every one of their contacts with a link that would then compromise those users’ accounts as well,” Wineberg noted, providing the below footage of his attack to FORBES.
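The attack described above turns on a consent step that a victim’s browser can be induced to trigger from another site. The following is an added illustration of the standard defence for such an endpoint (a per-session token that a cross-origin page cannot read), written for this page; it is not Microsoft’s code and does not describe the internals of the Live.com flaw. `ConsentEndpoint`, its method names, the client ids and the scopes are constructed for the example.

```python
import hmac
import secrets

# Added example: an in-memory stand-in for an OAuth authorization server's
# consent ("Allow access?") endpoint. Names, flow and data are constructed for
# illustration; this is not Microsoft's code and does not reproduce the Live.com bug.


class ConsentEndpoint:
    def __init__(self):
        self.sessions = {}  # session cookie value -> {"user": ..., "csrf": ...}
        self.grants = []    # (user, client_id, scope) approvals issued

    def login(self, user):
        """Create a login session; the returned value plays the role of the session cookie."""
        sid = secrets.token_urlsafe(16)
        self.sessions[sid] = {"user": user, "csrf": secrets.token_urlsafe(32)}
        return sid

    def render_consent_form(self, sid, client_id, scope):
        """GET /consent: the same-origin page embeds a per-session token in the Allow form.
        A cross-origin page can make the browser send the cookie, but cannot read this value."""
        sess = self.sessions[sid]
        return {"client_id": client_id, "scope": scope, "csrf": sess["csrf"]}

    def approve_vulnerable(self, sid, client_id, scope):
        """POST /consent, weak variant: the session cookie alone is treated as intent.
        Any request the browser is induced to send while logged in grants the app access."""
        sess = self.sessions.get(sid)
        if sess is None:
            return False
        self.grants.append((sess["user"], client_id, scope))
        return True

    def approve_hardened(self, sid, client_id, scope, csrf):
        """POST /consent, hardened variant: the approval must carry the token from the
        rendered form, compared in constant time, so a cross-site request cannot supply it."""
        sess = self.sessions.get(sid)
        if sess is None:
            return False
        if not hmac.compare_digest(csrf or "", sess["csrf"]):
            return False
        self.grants.append((sess["user"], client_id, scope))
        return True


def user_approves(server, sid, client_id, scope):
    """The genuine path: the user loads the consent page and submits its form."""
    form = server.render_consent_form(sid, client_id, scope)
    return server.approve_hardened(sid, form["client_id"], form["scope"], form["csrf"])


def cross_site_post(server, sid, client_id, scope, hardened):
    """A request forged from another origin: the browser attaches the session cookie (sid),
    but the forging page never saw the per-session token, so it can only omit or guess it."""
    if hardened:
        return server.approve_hardened(sid, client_id, scope, csrf=None)
    return server.approve_vulnerable(sid, client_id, scope)


def demo():
    """Returns (vulnerable_granted, hardened_granted, genuine_granted) for one logged-in user."""
    server = ConsentEndpoint()
    sid = server.login("alice")
    vulnerable = cross_site_post(server, sid, "unknown-app", "mail.readwrite", hardened=False)
    hardened = cross_site_post(server, sid, "unknown-app", "mail.readwrite", hardened=True)
    genuine = user_approves(server, sid, "trusted-app", "mail.read")
    return vulnerable, hardened, genuine


if __name__ == "__main__":
    print(demo())  # (True, False, True)
```

Running it prints `(True, False, True)`: the weak variant grants the forged request, the hardened one rejects it, and the genuine form submission still succeeds. The token is generated per login session rather than per form, and the comparison uses `hmac.compare_digest` so that a guess cannot be refined through timing differences.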

[Video: ms-oauth-demo2]

“This really is just a classic CSRF vulnerability. The only thing that’s surprising about it is that it’s in a critical authentication system which ultimately can be used to take over any user’s account,” he added in a Synack blog post.

1 comment:

  1. Just admiring your work and wondering how you managed this blog so well. It’s so remarkable that I can't afford to not go through this valuable information whenever I surf the internet!
    DLF park place