Are You Use Microsoft Office 365 ? - Weak encryption that exposes your emails
New research has disclosed what's being called a security vulnerability in Microsoft 365
That could be exploited to infer message contents due to the use of a broken cryptographic algorithm.
"The [Office 365 Message Encryption] messages are encrypted in insecure Electronic Codebook (ECB)
Office 365 Message Encryption (OME) is a security mechanism used to send and receive encrypted email messages between users inside and outside an organization without revealing anything about the communications themselves.
Electronic Codebook is one of the simplest modes of encryption wherein each message block is encoded separately by a key,
Since Microsoft has no plans to fix this vulnerability the only mitigation is to avoid using Microsoft Office 365 Message Encryption," WithSecure said.