[roland35]

Yikes! This an unusual exploit since it both has an absolutely massive impact (literally access to everything on SharePoint and Outlook??), with a relatively straightforward vector (just looking at client side JavaScript).

One nit: I'd rather see people redact sensitive data with solid blocks instead of blurs in screenshots. Can't be too careful!

[rudasn]

I think nowadays the blur feature just makes it look blurry, but it's not the actual original text being blurred.

[stcredzero]

How are we to know if someone didn't just use an affine transform? This is another place where ignorance could result in security leaks.

[reaperman]

Yeah I'm not fucking around with that. Solid block of black removes the guesses. (Caveats for layered documents like PDFs).

[rudasn]

I like to convert to transparent png, cut the area I need removed, use background color (eg black) to indicate that something was removed, and export to jpg.

[stcredzero]

Programs should have explicit "secure censor" operations.

[PcChip]

That would be interesting to read about