The Question Now on Everyone’s Mind: Is Microsoft Office Message Encryption (OME) Vulnerable?
Are you running your business on Microsoft Office 365? Do you use Microsoft's native Office 365 Message Encryption (OME) feature to protect sensitive data shared in email? Did you read any of the news stories published last week, including Bill Toulas' at Bleeping Computer or Nathan Eddy's at Dark Reading?
If so, the question you’re likely asking yourself right now is this: Are my Microsoft encrypted emails safe? Or are they vulnerable?
As a reminder, Microsoft Office 365 Message Encryption is used within the Office suite to “help reduce the risk of unintended disclosure by encrypting and rights-protecting email messages sent both inside and outside your organization.”
Timeline of Events
According to reports, questions about the security of Microsoft OME surfaced privately in January 2022, when WithSecure security researchers reported a significant security flaw in Microsoft Office 365 Message Encryption to Microsoft, together with a demonstration. The flaw is that OME encrypts message content with a block cipher in Electronic Codebook (ECB) mode. ECB encrypts every 16-byte block independently under the same key, so identical plaintext blocks always produce identical ciphertext blocks: no key is needed to see the structure of a message, and WithSecure showed that an attacker holding a large set of encrypted messages can infer their structure and, in part, their contents from those repeated blocks alone. Microsoft acknowledged the report and paid WithSecure a bug bounty.
After several months had passed, and after repeated inquiries into the status of the vulnerability, Microsoft eventually informed WithSecure, “The report was not considered meeting the bar for security servicing, nor is it considered a breach. No code change was made, so no CVE was issued for this report.” Subsequently, on October 14, 2022, WithSecure made public its research on the Microsoft Office 365 Message Encryption vulnerability.
NIST Request for Comments
Coincident with these events, the National Institute of Standards and Technology (NIST) requested public comments on SP 800-38A, Recommendation for Block Cipher Modes of Operation: Methods and Techniques. Two individuals at Microsoft provided comments specific to the ECB mode of operation stating, “We wholeheartedly agree that ECB is a bad block cipher mode for message encryption. ECB for message encryption has been banned for use in our products starting at our first internal crypto standard back in 2005. However, it is widely used in many other situations where it is perfectly secure, and the best way of doing things.” The commenters from Microsoft concluded, “In short, we have forty years of code development that uses ECB in many, many places. Usage of straight ECB for message encryption has long been banned, but the kind of scenarios listed above are still widely used.”
A Safe and Secure Alternative to Microsoft OME
On Global Encryption Day, I sat down with my colleague, Virtru's SVP of Product and Engineering, Dana Morris, to talk about the state of encryption today, including the Microsoft Vulnerability. You can watch our discussion below.
Security advisors, and Microsoft's own statements, now indicate that the Office 365 Message Encryption feature should not be relied on to protect vital or sensitive data. In an email to The Register, a Microsoft spokesperson said, “The rights management feature is intended as a tool to prevent accidental misuse and is not a security boundary.”
So, what can you do? You can join more than 2,000 other organizations that currently trust Virtru to deliver affordable and simple-to-use data privacy solutions on top of Microsoft Office 365. Unlike Microsoft's native OME solution, Virtru's products encrypt with AES-256 in GCM mode. GCM is an authenticated mode: each message is encrypted under a unique nonce, so identical plaintext blocks do not produce identical ciphertext blocks and the pattern leakage that affects ECB does not apply, and the authentication tag causes any tampered ciphertext to be rejected on decryption rather than silently decrypted to altered content.
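The following Go program is an added example written for this page; it is not Virtru's or Microsoft's code and is not taken from the WithSecure report. It builds AES-256 in ECB mode by hand (Go's standard library deliberately ships no ECB mode) and places it beside the library's AES-256-GCM, then encrypts a constructed message with repeated content under each. It shows the point made in the timeline section and the paragraph above: ECB reproduces the plaintext's repetition in the ciphertext, GCM does not, and GCM additionally rejects a ciphertext that has been altered. The key and the message text are made up for the demonstration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// ecbEncrypt applies the raw block cipher to each 16-byte block on its own.
// It exists only to reproduce the weakness under discussion; do not use it
// for real data. The plaintext must already be a multiple of the block size
// (no padding is added here).
func ecbEncrypt(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	bs := block.BlockSize()
	if len(plaintext)%bs != 0 {
		return nil, fmt.Errorf("plaintext length %d is not a multiple of %d", len(plaintext), bs)
	}
	out := make([]byte, len(plaintext))
	for i := 0; i < len(plaintext); i += bs {
		block.Encrypt(out[i:i+bs], plaintext[i:i+bs]) // same input block -> same output block
	}
	return out, nil
}

// gcmEncrypt seals the plaintext with AES-GCM under a fresh random 96-bit
// nonce and returns nonce || ciphertext || tag.
func gcmEncrypt(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

// gcmDecrypt reverses gcmEncrypt. It returns an error if the nonce,
// ciphertext or tag was modified, because the tag no longer verifies.
func gcmDecrypt(key, sealed []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	ns := aead.NonceSize()
	if len(sealed) < ns {
		return nil, fmt.Errorf("ciphertext too short")
	}
	return aead.Open(nil, sealed[:ns], sealed[ns:], nil)
}

// repeatedBlocks counts 16-byte ciphertext blocks that occur more than once.
// Under ECB the count mirrors repetition in the plaintext; under GCM the
// CTR keystream makes a repeat vanishingly unlikely for any realistic message.
func repeatedBlocks(ct []byte) int {
	seen := map[string]int{}
	for i := 0; i+16 <= len(ct); i += 16 {
		seen[string(ct[i:i+16])]++
	}
	n := 0
	for _, c := range seen {
		if c > 1 {
			n += c
		}
	}
	return n
}

func main() {
	key := make([]byte, 32) // AES-256 key, random for this run
	if _, err := rand.Read(key); err != nil {
		panic(err)
	}
	// Constructed sample: two 16-byte fields repeated three times, the kind of
	// structure a report or form letter has.
	msg := bytes.Repeat([]byte("PATIENT-ID 0001 STATUS POSITIVE "), 3)

	ecb, _ := ecbEncrypt(key, msg)
	gcm, _ := gcmEncrypt(key, msg)
	fmt.Printf("ECB repeated ciphertext blocks: %d of %d\n", repeatedBlocks(ecb), len(ecb)/16)
	fmt.Printf("GCM repeated ciphertext blocks: %d\n", repeatedBlocks(gcm))

	tampered := append([]byte(nil), gcm...)
	tampered[len(tampered)/2] ^= 1 // flip one bit of the ciphertext
	_, err := gcmDecrypt(key, tampered)
	fmt.Println("GCM rejects tampered ciphertext:", err != nil)
}
```

Run it with `go run .` and the ECB line reports that all six ciphertext blocks repeat (three copies of each of the two distinct plaintext blocks), without the key ever being used by the observer; the GCM line reports zero, and the tampered GCM message fails to decrypt. The ECB output is also malleable, since blocks can be cut, swapped or duplicated without detection, which is the second property an authenticated mode like GCM removes.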
If your organization is using Microsoft Office 365 and you have questions about regulatory compliance, data security, or data privacy, contact Virtru today.
Matt Howard
A proven executive and entrepreneur with over 25 years of experience developing high-growth software companies, Matt serves as Virtru's CMO and leads all aspects of the company's go-to-market motion within the data protection and Zero Trust security ecosystems.