
Microsoft patches NoAuth vulnerability, blocking account takeover attacks

Published on July 11, 2023


As reported by Security Boulevard, a vulnerability has been discovered in the Microsoft Azure Active Directory (Azure AD) Open Authorization (OAuth) sign-in process that could allow attackers to take complete control of user accounts in affected applications.

The vulnerability, dubbed “NoAuth” (Descope writes it “nOAuth”) by researchers from Descope, a California-based identity and access management vendor, affects multi-tenant OAuth applications that accept Azure AD sign-ins. It is an authentication implementation flaw in those applications rather than a bug in Azure AD itself: Azure AD lets a tenant administrator set the “Email” attribute under the “Contact Information” section of any account in their own tenant to an arbitrary, unverified value, and that value is passed to applications in the email claim of the token. Applications that treat the email claim as the user’s identity, instead of the immutable subject and object identifiers Azure AD also issues, can be made to log an attacker in as the victim through the “Log in with Microsoft” feature.

To exploit NoAuth, an attacker first needs an Azure AD tenant in which they hold an administrator role; the attacker can simply create their own. They then set the Email attribute of a user in that tenant to the email address of the victim they want to target. Azure AD does not check that the attacker controls that address or its domain.

Once the email attribute is changed, the attacker uses the “Log in with Microsoft” feature on any vulnerable application or website. The token Azure AD issues for the attacker’s user carries the victim’s email address, and the application matches that address to the victim’s existing account. This gives the attacker full control of the victim’s account in that application, including its data and settings. Note what the attack does not require: the attacker never learns the victim’s Microsoft password and never touches the victim’s tenant; the whole weakness is in the application’s account-matching logic. The application-side fix, which Microsoft’s developer guidance also states, is to identify users by the stable sub claim, or by the oid and tid pair, and never by email.
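The account-matching step described above, as an added example that is not code from the original article, from Descope, or from Microsoft. It shows the email-keyed lookup that NoAuth abuses next to a lookup keyed on the tid and oid claims, run over two constructed decoded ID tokens: one for the real user and one for an attacker-controlled user whose Email attribute was rewritten. The user table, tenant and object identifiers and token payloads are all constructed samples, and the code starts after the token’s signature, issuer, audience and expiry have been verified (that step is assumed and omitted). The xms_edov check at the end is Microsoft’s optional “email domain owner verified” claim; it must be requested in the app registration and is absent unless configured, so the example treats absence as unverified.

```python
"""Account lookup behind a "Log in with Microsoft" button: the email-keyed
version that NoAuth abuses, beside a version keyed on immutable claims.

Added example, not code from the original article, Descope or Microsoft.
It starts *after* the ID token's signature, issuer, audience and expiry
have been verified (assumed, not shown).  Every identifier below is a
constructed sample.
"""

# Constructed sample user table, keyed the way a hardened app keys it:
# (tenant id, object id) -> internal account.  The email is stored for
# display and notifications only, never as the identity.
USERS = {
    ("11111111-1111-1111-1111-111111111111",   # victim's home tenant (tid)
     "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"):  # victim's object id (oid)
        {"account_id": 42, "email": "ceo@victim.example", "role": "owner"},
}

# Constructed decoded ID token for the real user, issued by their own tenant.
VICTIM_CLAIMS = {
    "tid": "11111111-1111-1111-1111-111111111111",
    "oid": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa",
    "sub": "victim-pairwise-subject",
    "email": "ceo@victim.example",
}

# Constructed decoded ID token for the attacker: a user in a tenant the
# attacker administers, whose "Email" attribute was set to the victim's
# address.  Azure AD copies that attribute into the email claim unverified,
# while tid/oid still identify the attacker's tenant and user.
ATTACKER_CLAIMS = {
    "tid": "22222222-2222-2222-2222-222222222222",
    "oid": "bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb",
    "sub": "attacker-pairwise-subject",
    "email": "ceo@victim.example",
}


def vulnerable_lookup(claims):
    """NoAuth-prone: treats the mutable, unverified email claim as identity.

    Returns the internal account id, or None if no account matches."""
    email = claims.get("email", "").lower()
    for record in USERS.values():
        if record["email"].lower() == email:
            return record["account_id"]
    return None


def hardened_lookup(claims):
    """Keys on tid + oid, which Azure AD sets from the issuing tenant and
    which an administrator of another tenant cannot choose.  The email
    claim is never consulted."""
    key = (claims.get("tid"), claims.get("oid"))
    if None in key:
        return None   # tokens from Azure AD carry both; refuse anything else
    record = USERS.get(key)
    return record["account_id"] if record else None


def email_is_verified(claims):
    """Gate for the one place email may matter: deciding whether a
    first-time (tid, oid) may be *linked* to an existing account with the
    same address.  Uses the optional xms_edov claim; absent means no."""
    return claims.get("xms_edov") is True


def resolve_sign_in(claims):
    """Hardened sign-in decision: existing account by tid/oid, otherwise a
    fresh account.  Linking by email is only attempted when the domain
    owner is verified, and even then only to the attacker-agnostic path
    of creating a new account if no verified match exists."""
    account = hardened_lookup(claims)
    if account is not None:
        return ("existing", account)
    if email_is_verified(claims):
        linked = vulnerable_lookup(claims)  # safe only behind xms_edov
        if linked is not None:
            return ("link_pending_confirmation", linked)
    return ("new_account", None)


if __name__ == "__main__":
    print("vulnerable, victim  :", vulnerable_lookup(VICTIM_CLAIMS))
    print("vulnerable, attacker:", vulnerable_lookup(ATTACKER_CLAIMS))
    print("hardened,   victim  :", hardened_lookup(VICTIM_CLAIMS))
    print("hardened,   attacker:", hardened_lookup(ATTACKER_CLAIMS))
    print("sign-in,    attacker:", resolve_sign_in(ATTACKER_CLAIMS))
```

With the email-keyed lookup the attacker’s token resolves to account 42, the victim’s; with the tid/oid-keyed lookup it resolves to nothing, and the sign-in logic provisions a separate account for the attacker’s user instead of linking it. The same pattern applies to any identity provider: the identifier you key on must be one the provider guarantees, not one a third party can set.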

Terms you should know to understand NoAuth better

OpenID Connect (OIDC)

OpenID Connect (OIDC) is an open authentication layer built on top of the OAuth 2.0 authorization framework. It adds an ID token, a signed JSON Web Token carrying claims about the signed-in user (such as the subject identifier and email address), which lets an application verify who the user is and offer single sign-on (SSO) across multiple websites. It is used by consumer-facing and enterprise applications alike.

Azure Active Directory (Azure AD)

Azure Active Directory (Azure AD), since renamed Microsoft Entra ID, is a cloud-based identity and access management (IAM) service that helps organizations manage user access to applications and resources. Azure AD uses OAuth 2.0 and OpenID Connect (OIDC) to provide a secure and convenient way for users to sign in to applications and websites. A tenant administrator can edit the attributes of accounts in their own tenant, including the Email attribute, which is what the NoAuth technique relies on.

Identity Provider (IdP)

Identity providers (IdPs) are a critical part of the OAuth and OIDC authentication process. An IdP is a trusted third party that stores and verifies user identities. When a user signs in to an application or website that uses OAuth or OIDC, the application or website redirects the user to the IdP’s login page. The IdP validates the user’s credentials and, if successful, issues tokens to the application: with OIDC, an ID token describing the user, and with OAuth, an access token the application can present to access the user’s protected resources. How the application maps the claims in those tokens to its own user records is the step NoAuth abuses.

Open Authorization (OAuth)

Open Authorization (OAuth) is an open, token-based authorization framework that allows users to grant access to their private resources to third-party applications without sharing their passwords or other sensitive information. For example, a Facebook user can authorize Medium to access their profile, read their posts, or post to their feed without having to provide Medium with their Facebook login information.

Davesh Beri