Flaw in Microsoft Office 365 Message Encryption could expose email contents to attackers
Adversaries can exploit the flaw, for which there is no patch available, to obtain information that could lead to a full or partial information disclosure.Helsinki, Finland – October 14, 2022: Today, WithSecure ™ (formerly known as F-Secure Business) published a security advisory warning organizations of a security flaw in Microsoft Office 365 Message Encryption (OME). OME, which is used by organizations to send encrypted emails internally and externally, utilizes the Electronic Codebook (ECB) implementation – a mode of operation known to leak certain