We had an executive send out an email from his Microsoft 365 account to all employees. One of the employees replied directly to the sender (not reply to all), and began a sideline conversation. The executive forwarded the reply to an outside individual. So far, nothing out of the ordinary.
However, another employee viewed the original email and saw the notice: "You are not viewing the most recent version of this conversation. Click here to view all." The employee clicked and was able to see the private sideline conversation, and the forwarded email. Help me understand how the CRAP that is possible. That seems like a glaring security error on Microsoft's behalf.
Summary:
- All employees receive the email.
- One person replies only to the sender.
- Sender responds only to the reply.
- Sender forwards his own reply to an outside individual.
- Another employee sees message that they are not replying to the most recent message and clicks to view the most recent message, and sees the private response, and the forward.
