Security analysts have discovered a critical security vulnerability in the Microsoft Teams desktop app that allows threat actors to access authentication tokens and accounts with multi-factor authentication (MFA) enabled.
BleepingComputer reports: “This attack does not require special permissions or advanced malware to avoid serious internal damage,” explains Connor Peoples of cybersecurity firm Vectra in a report this week. The researcher adds that by taking control of “critical positions – such as the company’s head of engineering, the CEO or the CFO – attackers can convince users to perform tasks that harm the organization.” Vectra researchers discovered the problem in August 2022 and reported it to Microsoft. However, Microsoft disagreed with the severity of the problem and said it did not meet the criteria for a fix.
As a patch is unlikely to be released, Vectra recommends that users upgrade to the browser version of the Microsoft Teams client. By using Microsoft Edge to download the app, users benefit from additional token leak protection. Researchers are advising Linux users to switch to a different collaboration suite, especially after Microsoft announced plans to end app support for the platform by December.