Finnish security company WithSecure published a security advisory on October 14, 2022, warning organizations of a flaw in Microsoft Office 365 Message Encryption (OME).
WithSecure found that attackers able to obtain enough OME emails could use the leaked information to infer the contents of the messages, partially or fully, by analyzing the location and frequency of repeated patterns in individual messages and then matching those patterns to ones found in other OME emails and files.
Microsoft Office 365 Message Encryption (OME) is a mechanism that encrypts emails sent internally and externally. It uses the Electronic Codebook (ECB) mode of operation, which is known to leak structural information about messages: identical plaintext blocks always encrypt to identical ciphertext blocks, so repetition in the plaintext remains visible in the ciphertext. Microsoft considers OME legacy.
WithSecure principal security consultant Harry Sintonen wrote in an Oct. 14 posting that if an attacker had access to enough emails using OME, it’s possible to access leaked information by analyzing the frequency of repeating patterns in individual messages and then matching those patterns with those in other encrypted emails and files.
According to the advisory, the analysis can be done offline, meaning an attacker could compromise backlogs or archives of previous messages. Unfortunately, organizations have no way to prevent an attacker that comes into possession of affected emails from compromising their contents using the method outlined in the WithSecure advisory.
The advisory also highlights that no knowledge of the encryption keys is needed to conduct the analysis, and that use of a Bring Your Own Key (BYOK) scheme does not remedy the problem.
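To make the ECB weakness concrete, and to show why no key is needed for the analysis, here is an added Go example (not code from the advisory, WithSecure, or Microsoft). It encrypts a constructed four-line mail body with AES under a fixed, constructed key in ECB and in CBC mode, then counts repeated ciphertext blocks without ever using the key; the key, IV and message are assumptions made for the demonstration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
)

// Constructed, fixed key and IV for reproducibility; real use needs a random IV per message.
var sampleKey = []byte("constructed-key!") // 16 bytes: AES-128
var sampleIV = make([]byte, aes.BlockSize)
// Constructed mail body: four 16-byte lines, so each repeated line fills exactly one block.
var samplePlain = []byte("Account: CLOSED\nAccount: CLOSED\nAccount: ACTIVE\nAccount: CLOSED\n")

// ecbEncrypt encrypts each block independently: equal plaintext blocks give equal ciphertext blocks.
func ecbEncrypt(block cipher.Block, pt []byte) []byte {
	bs, out := block.BlockSize(), make([]byte, len(pt))
	for i := 0; i < len(pt); i += bs {
		block.Encrypt(out[i:i+bs], pt[i:i+bs])
	}
	return out
}

// repeatedBlocks counts ciphertext blocks that duplicate an earlier one. It
// never uses the key: this is what any holder of the ciphertext can observe.
func repeatedBlocks(ct []byte, bs int) int {
	seen, dups := map[string]bool{}, 0
	for i := 0; i+bs <= len(ct); i += bs {
		k := string(ct[i : i+bs])
		if seen[k] {
			dups++
		}
		seen[k] = true
	}
	return dups
}

// LeakedBlocks encrypts samplePlain in "ecb" or "cbc" and counts the repeats a key-less observer sees.
func LeakedBlocks(mode string) int {
	block, err := aes.NewCipher(sampleKey)
	if err != nil {
		panic(err)
	}
	ct := make([]byte, len(samplePlain))
	if mode == "ecb" {
		ct = ecbEncrypt(block, samplePlain)
	} else { // cbc chains each block to the previous ciphertext block, hiding repeats
		cipher.NewCBCEncrypter(block, sampleIV).CryptBlocks(ct, samplePlain)
	}
	return repeatedBlocks(ct, block.BlockSize())
}
```

With this input, ECB exposes two repeated blocks (the three identical "CLOSED" lines) while CBC exposes none, which is the difference between a mode that leaks message structure and one that does not.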
WithSecure shared its research with Microsoft in January 2022. Microsoft acknowledged the problem and paid for the find through its vulnerability reward program, but opted not to issue a fix. While organizations can mitigate the problem by no longer using the feature, that does not address the risk of adversaries gaining access to existing emails already encrypted with OME.
According to WithSecure, “any organization with personnel that used OME to encrypt emails is basically stuck with this problem. For some, such as those that have confidentiality requirements put into contracts or local regulations, this could create some issues. And then of course, there’s questions about the impact this data could have in the event it’s actually stolen, which makes it a significant concern for organizations.”
Because there is no fix from Microsoft and no more secure mode of operation available to email admins, it is recommended to avoid the use of OME as a means of ensuring the confidentiality of emails. Microsoft alternatives include IRM in AD RMS and Microsoft Purview Message Encryption.
The full advisory is available on WithSecure Labs: https://labs.withsecure.com/advisories/microsoft-office-365-message-encryption-insecure-mode-of-operation.html