Chrome redirection to a probable Malicious web-page (As per Google Search) still owned by Microsoft
Reported by
raiashwa...@gmail.com,
Sep 13
|
|||||||
Issue descriptionChrome Version : 69.0.3497.92 (Official Build) (64-bit) URLs (if applicable) : https://outlook.office365.com/owa/ & https://webshell.suite.office.com/ Other browsers tested: YES Add OK or FAIL, along with the version, after other browsers where you have tested this issue: Safari: NA Firefox: OK Edge: OK What steps will reproduce the problem? 1. Visited our SSO Page (https://eurostar.okta.com) which contains a list of daily usage apps to be used at workplace. 2. Clicked on Microsoft Office 365 Mail and the SSO service started which led me see my mails for good 10 seconds. 3. After 10 seconds, the page redirected to a random URL/Malicious web-page (As per Google Search) still owned by Microsoft - https://webshell.suite.office.com/...................../ and kept loading... in loop with blank content on the screen. No error being displayed too. The entire URL looks something like - https://webshell.suite.office.com/iframe/TokenFactoryIframe?origin=https%3A%2F%2Foutlook.office.com&shsid=0a18693c-f038-4788-a62f-046f547a1bd6&cshver=16.00.2555.000&apiver=g2. What is the expected result? The browser (Google Chrome) shouldn't redirect the OWA (https://outlook.office365.com/owa/) to any other URL and keep the page as it is. What happens instead? The browser (Google Chrome) redirects the OWA (https://outlook.office365.com/owa/) to a random URL/Malicious web-page (As per Google Search) still owned by Microsoft. Although it's working fine with any other browser like Mozilla/IE/Edge with Okta SSO service as well without it i.e. direct signin to https://outlook.office365.com/owa/. Please provide any additional information below. Attach a screenshot if possible. Attached the System Log which I shared with Microsoft for investigation.
,
Sep 21
Tried to reproduce the issue on reported chrome 69.0.3497.92 and latest chrome 69.0.3497.100 using Windows 10. Attaching screen-cast for reference. Steps: ----- 1. Launched reported chrome 2. Navigated to given URL's "1. https://eurostar.okta.com " and "2. https://webshell.suite.office.com/...................../" As we are getting login page fro 1st URL and fro 2 url getting 404 error. @Reporter : It would be really helpful if a sample credentials is provided, so that we can investigate the issue further. Also let us know on which os your seen this issue and if possible provide screencast for better triaging it. Could you please upgrade to latest chrome stable 69.0.3497.100, you can download latest chrome builds here:" https://www.chromium.org/getting-involved/dev-channel ". Let us know whether issue still persists. Thanks.!
,
Oct 17
This seems likely a bug with Microsoft Office 365 (Looks like there are reports of this occasionally happening with Edge as well), rather than a malicious extension, malicious proxy, or a bug in Chrome. Unfortunately, don't think there's anything we can do here. |
|||||||
►
Sign in to add a comment |
|||||||
Comment 1 by krajshree@chromium.org
, Sep 14