Microsoft Teams – a way in for malicious software

Us and about 280 million other people use Microsoft Teams for communications and collaboration, depending on it to be secure.

Generally it is – but of course researchers have found that exception – and it is not hard to exploit!

Microsoft Teams bug allows malware delivery from external accounts (bleepingcomputer.com)

The article talks about the “default configuration” for Teams, which allows for communication with external users. Of course if you switch this off, Teams becomes a lot less useful.

The worrying thing in this article is that Max Corbridge and Tom Ellson, (the researchers with Jumpsec’s Red Team), think this security flaw is serious enough that they raised it with Microsoft expecting an immediate positive response. Microsoft however thought that an attack vector that bypasses the security features in a product used by more than 280,000,000 people did not meet Microsoft’s criteria for fast action!

I think most of their users would disagree.

Your takeaway

Make sure everyone knows that there is a risk when accepting files via Teams from people outside your organisation. The decision to accept and open a file should only be made depending on who exactly is sending them the file. Do they really know them?

Meanwhile we wait for Microsoft!

Clive Catton MSc (Cyber Security) – by-line and other articles