A major security exploit that let researchers change Bing search results was revealed this week.
The ポルノ映画館でオナニーできますかvulnerability was discovered in January by cybersecurity research company Wiz and reported to the Microsoft Security Response Center (MSRC).
In a Twitter thread, Wiz researcher Hillai Ben-Sasson explained how he was able to hack into Bing's content management system (CMS). By logging into Microsoft's cloud computing platform Azure, he discovered that he could grant all users access to internal Microsoft apps. He then accessed a database of Bing's search results. From there, Ben-Sasson figured out that he could actually modify what showed up in the results.
Wiz researchers also discovered that Bing was vulnerable to a Cross-Site Scripting (XSS) attack and discovered they had access to sensitive Office 365 data including Outlook emails, Calendar information, and Teams messages. MSRC detailed security updates and shared recommendations for Azure AD admins and developers in its blog post.
SEE ALSO: Protect your privacy with the best free VPNThe purpose of the researchers' experiment was to show that it was possible and share its findings with Microsoft. But it shows how malicious hackers could have wreaked havoc for Bing.
"A malicious actor with the same access could’ve hijacked the most popular search results with the same payload and leak sensitive data from millions of users," said the Wiz blog post. Luckily it was caught before any major damage was done.
This Tweet is currently unavailable. It might be loading or has been removed.
Microsoft confirmed that it has been fixed as of March 29. Wiz received a $40,000 "bug bounty" for reporting the vulnerability, which it it plans to donate to an unspecified recipient.
Topics Cybersecurity Microsoft
Previous:Workshop of New Velina Houston Play
Next:Venetian Ondo
BLAST.tv Paris Major Asia and Americas RMRs suffer from wealth of competitive integrity issues
Universal Basic Income and coronavirus: Lessons from history
IFA Berlin pivots to an 'innovative new concept' due to coronavirus pandemic
What is VoIP? An expert explains.
El Camino to Celebrate Spring with Annual Cherry Blossom Festival
What is VoIP? An expert explains.
Tesla to implement a key security feature 'soon'
Amazon tech workers called out sick to protest working conditions
EU approves landmark AI law
Hubble Telescope's 30
Hirahara to Discuss New Mystery Series at JANM
Netflix now worth more than Disney with influx of new subscribers
'Parks and Recreation' announces socially distanced reunion special
Elijah Wood trawls Twitter for good 'Animal Crossing' turnip prices just like us
Kimono Show at Little Tokyo Library
15 Star Wars quotes to live by
Apple Music is now available on Samsung TVs
Samsung Galaxy Z Flip gets a neat exclusive YouTube feature
Yu Ooka Group Performs Tonight at Happa Restaurant in Gardena
Best true crime podcasts of all time
Phoenix Mercury vs. Seattle Storm 2024 livestream: Watch live WNBAThe Health Care CruciblePortugal vs. Scotland 2024 livestream: Watch UEFA Nations League for freeRunaway American DreamsThe Social BeastSinner vs. Draper 2024 livestream: Watch US Open for free in UKYou Are Not Familiar with My VoiceBears vs. Titans 2024 livestream: Watch NFL for free in UKDallas Wings vs. Atlanta Dream 2024 livestream: Watch live WNBAGermany vs. Hungary 2024 livestream: Watch UEFA Nations League for free Mainland Chinese iPhone users unable to access Apple Intelligence after AI update · TechNode Huawei previews Nova Flip phone in video, launch set for August 5 · TechNode JD Vance calls dating apps 'destructive' Tesla sets up insurance subsidiary in China · TechNode Meituan set to enter Riyadh as early as September · TechNode Stellantis’ Chinese partner set to build first European factory in Italy · TechNode AI PC shipments hit 8.8 million in Q2, accounting for 14% of total PC shipments · TechNode Europa League 2024 Get the Anker Prime Docking Station for $80 off at Amazon Judge forces 'Fortnite' return to iOS, as Microsoft and Spotify assist
0.1707s , 9948.859375 kb
Copyright © 2025 Powered by 【ポルノ映画館でオナニーできますか】Bing vulnerability made it possible to alter search results,Global Hot Topic Analysis
