In a recent announcement, Microsoft has taken a significant step in bolstering the security of its cloud services, including OneDrive and SharePoint. The tech giant revealed that it will now scan password-protected Zip files uploaded or shared by users. This proactive measure aims to tackle the long-standing issue of cybercriminals exploiting archived documents for malware distribution. Previously, Microsoft’s scanning capabilities were limited to uncompressed files, allowing malicious actors to bypass detection by setting passwords. Security researcher Andrew Brandt shed light on this development, highlighting the potential of this enhanced security feature.
Encrypted ZIP files can now be scanned by Microsoft
Archived documents have long served as a conduit for malware distribution. Cybercriminals have frequently employed password-protected Zip files to obfuscate their malicious payloads. However, Microsoft’s recent move to scan encrypted Zip archives on SharePoint marks a significant stride in combating this nefarious practice. By deliberately compressing various malware samples into encrypted Zip files and uploading them to Microsoft cloud services, Brandt demonstrated that these files were promptly flagged as containing malware.
While Microsoft’s proactive scanning approach adds an extra layer of security, the company recognizes that some users may have concerns regarding privacy and data integrity. To address these concerns, users who prefer Microsoft not to scan encrypted files have alternatives at their disposal. They can opt for different compression formats, such as 7-Zip, or utilize encryption algorithms like AES-256. These options ensure that users have the flexibility to maintain control over their data while simultaneously safeguarding it from potential threats.
With its decision to scan password-protected Zip files, Microsoft has taken a commendable step forward in securing its cloud services against malware distribution. By proactively identifying and flagging encrypted files that may contain malicious payloads, the company aims to provide users with enhanced protection and peace of mind. While users can choose alternative compression formats or encryption algorithms to prevent scanning, Microsoft’s commitment to bolstering security demonstrates its dedication to the well-being of its customers. By actively staying ahead of cyber threats, Microsoft continues to pave the way for a safer and more secure cloud computing environment.
RELATED:
- Microsoft gets approval from EU regulators to acquire Activision Blizzard
- Mobile PDF Signing Comes to Microsoft 365 App for Smartphones
- Best iPhone 13 Mini Alternatives in 2023
(Via)
