Microsoft’s ATP Service Flawed, Safe Links Allows Malicious URLs - How to, Technology and PC Security Forum | SensorsTechForum.com

Microsoft’s ATP Service Flawed, Safe Links Allows Malicious URLs

microsoft-office-365Microsoft is in the spotlight once again. SC Magazine UK has just reported that a problem concerning the Advanced Threat Protection module has been unveiled. The problem exists within the Safe Links component of the product. It allows malicious URLs to pass through the premium email protection utility.

Microsoft has been alarmed about the vulnerability but apparently hasn’t done anything to fix it. At least that’s what SC’s investigation indicates. Read on to learn the whole story.

How Does Advanced Threat Protection Work?

Read from the source: https://products.office.com/en-us/exchange/online-email-threat-protection

As visible, the enterprise users of Office 365 can pay an additional fee so that they can use the ATP service. The service itself has two components:

  • Safe Attachments – designed to analyze the attachments.
  • Safe Links – designed to provide real-time protection when opening an URL.

Basically, the Safe Links component rewrites URL links to transmit the HTTP request through MS’s servers. Once the user clicks on the link, MS goes through the web page to check for malware before authorizing the URL. The user should receive a warning in case the web site is blocked or malware-contaminated.

What’s Not Right with ATP’s Safe Links

An IT professional has reached out to SC Magazine and has told them that he had issued a complaint to MS in September. According to his own experience with ATP’s Safe Links, the component wasn’t functioning properly in all instances. As he disclosed the vulnerability to MS, he expected it to be fixed sooner rather than not at all. Microsoft admitted to the problem (malicious links passing through the ATP) and had to sort it out by September 4.

Since the vulnerability is not yet addressed officially, the IT professional didn’t want specific details of it being released to the public.

This is what he told SC Magazine:

“Microsoft has admitted they need to recode. When you pay extra for ATP and Safe Links, you don’t expect this. Safe Links is designed to protect you against what I call the Jamie Oliver exploit: a link that looks clean when it goes through the email server today could direct you to a website with malware tomorrow.”

The media has asked Microsoft for a statement. However, a statement wasn’t received at the time of their article’s publication.

Must-Read:
Microsoft’s Bitlocker Disk Encryption Tool Is Vulnerable

Milena Dimitrova

An inspired writer, focused on user privacy and malicious software. Enjoys 'Mr. Robot' and fears '1984'.

More Posts - Website

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...
Please wait...

Subscribe to our newsletter

Want to be notified when our article is published? Enter your email address and name below to be the first to know.