According to the security company Vectra, Microsoft Teams stores authentication tokens in unencrypted plaintext, which cybercriminals could exploit to worm their way into an organization’s communications. The vulnerability affects the Teams desktop application, which is based on the Electron framework, on Windows, Mac and Linux. Although Microsoft has acknowledged the bug, it is in no hurry to release a fix in the near future, because attackers also need network access to carry out the exploit, which makes it less likely that anyone will use it in practice.
According to Vectra, a hacker with local or remote access could theoretically obtain the credentials of any Teams user who is currently online and then impersonate them, including through associated apps such as Skype or Outlook, bypassing multi-factor authentication.
All of this gives the attacker the ability to modify SharePoint files, manage Outlook emails and calendars, and access Teams chat files. The uproar could be even bigger if the attacker were to intentionally disrupt communications within the organization or use the information obtained for further targeted phishing attacks.
The problem affects the desktop application because the Electron framework, unlike modern web browsers, does not include additional security controls to protect cookie data. For this reason, Vectra recommends that users, where possible, avoid the Teams desktop app until a patch is released and log in to the service through the web interface instead. Because Microsoft says the discovered vulnerability is not serious enough to warrant an immediate patch, it is considering fixing it in a later version.
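An added example, not from Vectra or the original article: a defender's read-only check of whether a Chromium-format cookie store (the SQLite format Electron apps inherit) holds cookie values in plaintext or in the encrypted column. The store path, the simplified sample table and the example.test hosts are assumptions constructed for illustration; the check reports counts only and never reads cookie values out.

```python
import sqlite3
import sys
import tempfile
from pathlib import Path

def audit_cookie_store(db_path):
    """Count plaintext vs. encrypted cookies per host; values are never returned."""
    uri = Path(db_path).resolve().as_uri() + "?mode=ro"  # read-only: never alter the store
    conn = sqlite3.connect(uri, uri=True)
    try:
        cols = {row[1] for row in conn.execute("PRAGMA table_info(cookies)")}
        if "value" not in cols:
            raise ValueError("no Chromium-style 'cookies' table in " + str(db_path))
        # A store written without OS-backed encryption may lack this column or leave it empty.
        enc = "COALESCE(length(encrypted_value), 0) > 0" if "encrypted_value" in cols else "0"
        rows = conn.execute(
            "SELECT host_key,"
            " SUM(COALESCE(length(value), 0) > 0),"
            " SUM(" + enc + "),"
            " COUNT(*)"
            " FROM cookies GROUP BY host_key ORDER BY host_key"
        ).fetchall()
    finally:
        conn.close()
    return {host: {"plaintext": p, "encrypted": e, "total": t} for host, p, e, t in rows}

def build_sample_store(db_path):
    """Constructed sample with a simplified cookies table (not a real profile)."""
    conn = sqlite3.connect(db_path)
    conn.execute(
        "CREATE TABLE cookies (host_key TEXT, name TEXT, value TEXT, encrypted_value BLOB)"
    )
    conn.executemany("INSERT INTO cookies VALUES (?, ?, ?, ?)", [
        ("chat.example.test", "authtoken", "CONSTRUCTED-PLACEHOLDER", b""),
        ("chat.example.test", "session", "CONSTRUCTED-PLACEHOLDER", b""),
        ("mail.example.test", "session", "", b"\x01\x02\x03\x04"),
    ])
    conn.commit()
    conn.close()

if __name__ == "__main__":
    # Pass a cookie-store path to audit; with no argument, use the constructed sample.
    target = sys.argv[1] if len(sys.argv) > 1 else None
    if target is None:
        target = str(Path(tempfile.mkdtemp()) / "Cookies")
        build_sample_store(target)
    for host, counts in audit_cookie_store(target).items():
        print(host, counts)
```

A host whose cookies all land in the plaintext count is one where any process able to read the file can reuse the session, which is the exposure the article describes.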
Source: HWSW Informatikai Hírmagazin by www.hwsw.hu.