Microsoft Authenticator stores OTPs insecurely, risking MFA token theft

Researchers found that specific releases of the Microsoft Authenticator app write generated one‑time passwords to an unprotected location on the device. The codes remain accessible until they expire, giving anyone with local access—or a compromised app sandbox—a window to steal the MFA token before it is used.

This flaw can let attackers bypass two‑factor protection, especially in environments where devices are shared or not fully managed. Defenders should force users to update to the patched version, enforce strict device compliance policies, and consider supplemental authentication factors or conditional access rules to mitigate the risk of token extraction.

Categories: Identity & Access Management, Vulnerabilities & Exploits