Is it real or is it memorex?
Michael B. Smith
Sounds like a familiar bug. Again.
https://techcrunch.com/2024/06/18/security-bug-allows-anyone-to-spoof-microsoft-employee-emails/
(Granted, it hasn’t been validated – because MSFT closed the report.)
Kurt Buff
--
You received this message because you are subscribed to the Google Groups "ntsysadmin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ntsysadmin+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/ad5d9dec0f9548dd91100545e553cdc3%40smithcons.com.
Philip Elder
It does to me but what we experienced at a client site was this:
- User clicks link in Outlook
- User’s Outlook locks up
- Proofpoint (we have all clients set to outbound SmartHost on-premises Exchange this way) flags SENT e-mail
- User calls wondering what’s up
- I check Proofpoint’s console
- Sure enough every mailbox on that Exchange Server had flagged outbound messages
- Proofpoint had blocked them all
But, the user’s Inbox and Contacts were also harvested. ☹
I asked around but no one responded.
I have no doubt that this bug is resident in the online version given what we’ve seen with the @XYZ123.OnMicrosoft.Com e-mail blasts that hit our Proofpoint inbound spam quarantine regularly.
Philip Elder MCTS
Senior Technical Architect
Microsoft High Availability MVP
E-mail: Phili...@mpecsinc.ca
Phone: +1 (780) 458-2028
Web: www.mpecsinc.com
Blog: blog.mpecsinc.com
Twitter: Twitter.com/MPECSInc
Skype: MPECSInc.
Please note: Although we may sometimes respond to email, text and phone calls instantly at all hours of the day, our regular business hours are 8:00 AM - 5:00 PM, Monday thru Friday.
To view this discussion on the web visit https://groups.google.com/d/msgid/ntsysadmin/CADy1Ce7Wc7aGKYoigE%3DrAck0H2TgRCvcKj%2B1eE4HkTEba%2Bw2dg%40mail.gmail.com.