Asia Pacific Japan Changing Traditional Technologies Chief Information Officer Chief Information Security Officer Cloud Computing Education Enterprise Mobility Free Insights Greyhound Reports Media Mentions Networking Professional Services

Microsoft Office 365 Still Vulnerable To POODLE Attacks, Says Greyhound Research

The POODLE Attack is a vulnerability that takes advantage of web browser encryption. It gives attackers the access to the web traffic between a user’s browsers and a HTTP Secure website, which can cause serious repercussions such as decrypting sensitive user information like authentication cookies.

Though Microsoft has taken a number of steps to address this vulnerability, a detailed evaluation from Greyhound Research has found that Microsoft Office 365 continues to rate weak on SSL3.0 security vulnerability. Sanchit Gogia, Chief Analyst & CEO at Greyhound Research, who was evaluating cloud-based productivity suite options including both Microsoft Office 365 and Google Apps for Work, for one of his clients, ran a quick Poodle Attack Vulnerability check (on http://www.ssllabs.com), and found out that the vulnerabilities still affected Office 365.

“In October 2014, Microsoft issued an advice on a Secure Sockets Layer (SSL) 3.0 security flaw that was discovered in their Azure and Office 365 exchange servers. Microsoft stated that SSL 3.0 is an aged protocol and now replaced by Transport Layer Security (TLS) protocol, which is devoid of the POODLE flaw, as also validated by US-CERT. However, we ran the Qualys test for few mail servers, only to find that the vulnerability still affected Office 365,” says Sanchit.

As most small and medium enterprises rely on cloud-based offerings, this vulnerability can cause serious implications. “Many small and medium businesses often do not have proper security measures in place, hence make for easier prey. With players like Google (Apps for Work), Microsoft (Office 365) and IBM (Verse) increasingly catering to organizations with cloud-based productivity suite, this space is only expected to get more complex,” states Sanchit.

To read the Full Article, click here: DataQuest

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s