May 18, 2023 at 5:30 PM

Microsoft was caught scanning password-protected zip files stored on SharePoint Online

Microsoft has found itself in hot water after it was discovered that the company was scanning password-protected zip files stored on SharePoint Online for malware. Security researcher Andrew Brandt, who uses Microsoft’s cloud services to save copies of malware in password-protected zip files, was surprised to find that Microsoft had flagged some of his files as malware after they had been uploaded into a SharePoint directory. While Microsoft has good reasons to scan files stored on its cloud services for malware, doing so on password-protected files may go a step too far for some customers.

For security researchers, using cloud services to back up and share malware in protected files is a pretty common practice. Brandt also said in a Mastodon thread that he started to keep malware in passworded zips last year after the OneDrive app on his work laptop decided to back up his files, then deleted them from both his hard drive and the cloud after they had been flagged as malware. However, the recent discovery that Microsoft is scanning password-protected files has caused some concern among security researchers.

“The available space to do this just keeps shrinking and it will impact the ability of malware researchers to do their jobs,” Brandt said. Kevin Beaumont, another security researcher and former Microsoft employee, explained how Microsoft manages to see what’s inside password-protected files on its cloud services. According to Beaumont, Microsoft “has a password list it runs through files,” and Brandt used the easy-to-guess “infected” password on his protected zip files. Beaumont added that Microsoft also extracts passwords from email bodies.

While Microsoft’s scanning for malware on its cloud services is understandable, some customers may be concerned about the company’s scanning of password-protected files. As the amount of available space for malware researchers to do their jobs continues to shrink, it remains to be seen how Microsoft will address this issue.

May 18, 2023 by Danilo Venom

MORE ABOUT: #Team Collaboration Tools #Document Managers #Microsoft SharePoint

Microsoft SharePoint

Team Collaboration Tool
Paid • Proprietary

Microsoft SharePoint is a team collaboration tool that allows you to share and organize your work with others. With 124 alternatives on AlternativeTo, it's clear that people are looking for options when it comes to team collaboration software. Some of the top alternatives include Nextcloud, ownCloud, and MediaWiki. SharePoint is cloud-based, so you can easily access your work from anywhere. It has an average rating of 4.4 and is known for its team collaboration and cloud sharing capabilities.

Related news

All news about Microsoft SharePoint »

External links

Well, apparently Microsoft Sharepoint now has has the ability to scan inside of password-protected zip archives
Infosec Exchange on Mastodon
Microsoft is scanning the inside of password-protected zip files for malware
Ars Technica
Microsoft is searching within your secure folders for malware, even if you have a password
TechRadar

Comments

rygle

CommentMay 19, 2023

I'd be just as concerned about Microsoft harvesting passwords/data from emails. What else are they harvesting?