
Office 365 Email baseStriker Vulnerability


This content has been archived

This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of the information contained in this page is at your own risk.

Summary

A vulnerability named baseStriker has been discovered in Office 365 which allows threat actors to deliver malicious emails.

Threat details

Using the base tag in HyperText Markup Language (HTML), it is possible to create a link in an email without including the full location that the link leads to. At the time of publication this method of linking is not analysed properly by Microsoft's security services, and so emails containing such links to malicious locations may not be blocked.

Attackers are currently exploiting this vulnerability in phishing attacks, but it is also possible to deliver links to malware and other malicious content.
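
A defensive check for the linking method described above, as an added example that is not part of the original alert and is not Microsoft's code: it parses an HTML message body, finds the base tag, and resolves each relative link to the full location a mail client would open, so that the full location can be passed to existing URL filtering. The function names, the sample HTML and the example.test hostnames are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class BaseAwareLinkExtractor(HTMLParser):
    """Collect <a href> values and the first <base href> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.base = None
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if not href:
            return
        if tag == "base" and self.base is None:
            # Browsers honour only the first <base href>; do the same.
            self.base = href.strip()
        elif tag == "a":
            self.hrefs.append(href.strip())


def effective_links(html_body):
    """Return (base, [(raw_href, resolved_url, depends_on_base), ...])."""
    parser = BaseAwareLinkExtractor()
    parser.feed(html_body)
    results = []
    for raw in parser.hrefs:
        # No scheme and not protocol-relative: the target depends on <base>.
        is_relative = not urlsplit(raw).scheme and not raw.startswith("//")
        if parser.base and is_relative:
            results.append((raw, urljoin(parser.base, raw), True))
        else:
            results.append((raw, raw, False))
    return parser.base, results


# Constructed sample message body (not taken from a real email).
SAMPLE_HTML = """
<html><head><base href="https://files.example.test/docs/"></head>
<body>
<p>Your document is ready: <a href="view/invoice.html">open</a></p>
<p><a href="https://intranet.example.test/help">Help</a></p>
</body></html>
"""

if __name__ == "__main__":
    for raw, resolved, via_base in effective_links(SAMPLE_HTML)[1]:
        print("via-base" if via_base else "absolute", raw, "->", resolved)
```

Links flagged as depending on the base tag are the ones whose full location never appears as a single string in the message, so the resolved URL is the value to submit to reputation or sandbox checks.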


Remediation steps

Ensure that a robust program of education and awareness training is delivered to users so that they don’t follow links within unsolicited emails.

Last edited: 17 February 2020 12:51 pm