topic Office 365 Vulnerability of HTML “baseStriker attack” and Mitigation by PAN Firewall in Custom Signatures https://live.paloaltonetworks.com/t5/custom-signatures/office-365-vulnerability-of-html-basestriker-attack-and/m-p/213897#M251 <P>Hi Team,</P><P>recently there is one vulnerability found in office 365 vulnerability has been identified in Microsoft Office 365, a remote user can exploit this vulnerability to trigger Security Restriction Bypass on the targeted system.</P><P>&nbsp;</P><P>Is there any way to block the office split&nbsp;HTML in PAN firewall.&nbsp;</P><P>&nbsp;</P><P><STRONG>Vulnerability Types and Methods:</STRONG> Found using in the wild to bypass a security feature of Microsoft Office 365, which is originally designed to protect users from malware and phishing attacks called “<STRONG>baseStriker attack”</STRONG> “.<BR /><BR /><STRONG>Dubbed Safe Links</STRONG>, the feature has been included in Office 365 software as part of Microsoft's Advanced Threat Protection (ATP) solution that works by replacing all URLs in an incoming email with Microsoft-owned secure URLs. So, every time a user clicks on a link provided in an email, it first sends the user to a Microsoft owned domain, where the company immediately checks the original URL for anything suspicious. If Microsoft's scanners detect any malicious element, it then warns users about it, and if not, it redirects the user to the original link.</P><P>&nbsp;</P><P>Thanks</P><P>&nbsp;</P><P>&nbsp;</P><P>Khandesha Kothale</P> Thu, 10 May 2018 12:47:55 GMT Khandesha 2018-05-10T12:47:55Z Office 365 Vulnerability of HTML “baseStriker attack” and Mitigation by PAN Firewall https://live.paloaltonetworks.com/t5/custom-signatures/office-365-vulnerability-of-html-basestriker-attack-and/m-p/213897#M251 <P>Hi Team,</P><P>recently there is one vulnerability found in office 365 vulnerability has been identified in Microsoft Office 365, a remote user can exploit this vulnerability to trigger Security Restriction Bypass on the targeted system.</P><P>&nbsp;</P><P>Is there any way to block the office split&nbsp;HTML in PAN firewall.&nbsp;</P><P>&nbsp;</P><P><STRONG>Vulnerability Types and Methods:</STRONG> Found using in the wild to bypass a security feature of Microsoft Office 365, which is originally designed to protect users from malware and phishing attacks called “<STRONG>baseStriker attack”</STRONG> “.<BR /><BR /><STRONG>Dubbed Safe Links</STRONG>, the feature has been included in Office 365 software as part of Microsoft's Advanced Threat Protection (ATP) solution that works by replacing all URLs in an incoming email with Microsoft-owned secure URLs. So, every time a user clicks on a link provided in an email, it first sends the user to a Microsoft owned domain, where the company immediately checks the original URL for anything suspicious. If Microsoft's scanners detect any malicious element, it then warns users about it, and if not, it redirects the user to the original link.</P><P>&nbsp;</P><P>Thanks</P><P>&nbsp;</P><P>&nbsp;</P><P>Khandesha Kothale</P> Thu, 10 May 2018 12:47:55 GMT https://live.paloaltonetworks.com/t5/custom-signatures/office-365-vulnerability-of-html-basestriker-attack-and/m-p/213897#M251 Khandesha 2018-05-10T12:47:55Z