Bug of the week. Outlook 2016 sends the plaintext together with the encrypted email

Specialists from SEC Consult found in Microsoft Outlook a remarkable vulnerability , which can be considered the silliest bug of the week or month, somehow. They accidentally noticed that the program attaches the contents of the letter in open form to each encrypted S / MIME letter. Probably for easier viewing.



No comments from Microsoft have yet been made, the company only confirmed the presence of a vulnerability in Microsoft Outlook 2016. The vulnerability is assigned a classification number CVE-2017-11776 .



S / MIME (Secure / Multipurpose Internet Mail Extensions) is a standard for encrypting and signing email with a public key. This standard is similar to PGP / GPG, it is supported by all popular email clients, including Microsoft Outlook, Mozilla Thunderbird, Apple Mail and email clients on iOS devices and Samsung Knox. To use S / MIME, you need to configure an email client, install a personal certificate and exchange certificates with correspondence partners.



S / MIME is fundamentally incompatible with webmail. Confidentiality and integrity of messages are unattainable with traditional use of webmail, because the private key should not be available to the webmail server. Therefore, it cannot show the contents of the message.



So, researchers from SEC Consult were not originally engaged in searching for vulnerabilities in the Outlook encryption scheme. But they realized that the situation was very unhealthy when they found that the contents of the encrypted emails were displayed in Outlook Web Access (OWA). This is a web client for accessing the Microsoft Exchange collaboration server. According to the normal practice of using S / MIME, the web client does not seem to be able to show the text of the letter, because it does not have a secret key for decryption.



It turned out that when using S / MIME encryption, the Outlook email client sends a message in encrypted and unencrypted form at the same time (in one letter). That is, anyone can read the contents of the letter without having the recipient's secret keys. He will not have to take any action to do this. The attack is possible completely in the passive mode. In other words, all the cryptographic properties of the S / MIME protocol are completely compromised. SEC Consult specialists call this “fake cryptography”.



At the same time, the sender has no signs of a problem in the Sent Items folder. Letters are displayed as if they were correctly encrypted. Displays icons about the correct signature and encryption of the letter.







Vulnerability CVE-2017-11776 assigned not a critical, but an average level of danger, including because the bug only appears if a letter formatted as “Plain Text” is encrypted. By default, this format is not used, but Outlook automatically activates it if you reply to a letter formatted as “Plain Text”.







If you create a new letter with standard HTML formatting, then the bug could not be found.



There is another limitation that reduces the danger of a bug. Apparently, the Exchange server removes the open part of the encrypted letter, and in this case, the encryption with clear text will only reach the Exchange server, and then it will go in a normal form. But if you send via SMTP server, then the open part of the letter will remain on the entire route, up to the recipient's mailbox.



The presence of the vulnerability became clear when the content of the message was displayed by Outlook Web Access (OWA), although this should not be possible. In theory, OWA should report that a preview of the message is not possible. But here the first 255 characters are quietly displayed. And if an attacker gains access to the mail server or intercepts traffic in a different way, he can read the whole of this supposedly “encrypted” letter.



The exploitation of a vulnerability is possible if an attacker is able to intercept traffic that is not protected by TLS, or has access to some mail server along the path of the message, or has access to the mailbox of the sender or recipient.



Vulnerability CVE-2017-11776, along with 60 other vulnerabilities in Microsoft programs, has been fixed in the latest monthly security update, which was released on October 10, 2017.



Microsoft has not yet announced which version of Microsoft Outlook has a bug. The security bulletin contains the version of Microsoft Outlook 2016. This program was released on September 22, 2015 as part of Office 2016.