Skip to main content

This Microsoft Teams exploit could leave your account vulnerable

According to analysts from cybersecurity company Vectra, there’s a massive vulnerability within Microsoft Teams, and countless users could potentially be affected if hackers gets their hands on it.

The program has a flaw that makes it possible for attackers to steal the login credentials of users and log into their accounts. Unfortunately, Microsoft is not planning to patch this right now, so read on to make sure you’re staying safe from this unexpected Microsoft Teams issue.

A video call in Microsoft Teams is displayed on a laptop.
Image used with permission by copyright holder

This flaw, first discovered in August 2022, is pretty severe, but it’s also not too easy to execute. It applies to desktop versions of the Microsoft Teams software (so not the browser version) and affects users on Windows, Linux, and Mac.

Recommended Videos

It all comes down to the way Teams stores user authentication tokens — in clear text, without any extra protection. That would be disastrous if it didn’t rely on one key factor: An attacker needs to have local access to the system where Microsoft Teams is installed.

Please enable Javascript to view this content

Assuming that an attacker does have local access to the network, they could steal the authentication tokens and log into the victim’s account.

Connor Peoples, a researcher from Vectra, said that the threat lies deeper than just one account being compromised; it allows the attacker to hijack accounts that could potentially disrupt the operations of a whole organization.

“[Taking] control of critical seats — like a company’s Head of Engineering, CEO, or CFO — attackers can convince users to perform tasks damaging to the organization,” said Peoples in the report.

How does this all work? Bleeping Computer explained it in greater detail, but the short story is that Microsoft Teams is an Electron app and comes with all the elements required by any regular webpage, such as cookies and session strings. Electron doesn’t support file encryption or establishing protected locations, which is why the user credentials are not being protected as they should be.

During its research, Vectra found a file with access to user tokens in clear text. “Upon review, it was determined that these access tokens were active and not an accidental dump of a previous error. These access tokens gave us access to the Outlook and Skype APIs,” the company’s report said.

Even more data was found upon further research, including valid authentication tokens and account information. Vectra also found a way to exploit the app and was able to receive the tokens in its own chat window.

Man uses Microsoft Teams on a laptop in order to video chat.
Image used with permission by copyright holder

It’s concerning that this vulnerability is currently out there, but Microsoft doesn’t consider it a large enough threat to work on patching it as a priority. A Microsoft spokesperson told Bleeping Computer: “The technique described does not meet our bar for immediate servicing as it requires an attacker to first gain access to a target network. We appreciate Vectra Protect’s partnership in identifying and responsibly disclosing this issue and will consider addressing it in a future product release.”

In the meantime, if you’re worried about the security of your Teams account, a good idea is to switch to the browser version of Teams instead of the desktop client. Linux users, however, are advised to simply switch to a different app — especially because Microsoft is planning to stop supporting the Linux version of Teams by the end of this year.

Monica J. White
Monica is a computing writer at Digital Trends, focusing on PC hardware. Since joining the team in 2021, Monica has written…
Microsoft Teams online vs. desktop: Which is best?
Microsoft Teams chat.

Microsoft Teams is one of the most popular team collaboration and communication tools available -- we even use Microsoft Teams here at Digital Trends. You can use it in a few different ways, too, including the web service or local desktop application. But which should you use, the desktop app or the web app?

There are some advantages and disadvantages to using Teams either online or on the desktop. Let's take a look at them to help you decide which is best for you.

Read more
Microsoft is already reinventing Copilot
The keyboard and trackpad on the new Surface Laptop.

Microsoft has posted a new event on LinkedIn for September 16 titled "Microsoft 365 Copilot: Wave 2," and it will be hosted by CEO Satya Nadella and vice president of AI at Work Jared Spataro. According to the short description of the event, it will cover the "next phase of Copilot innovation," and The Verge's Tom Warren expects it to focus on business offerings rather than consumer products.

As its title hints, the event will also introduce a rebranding of Copilot to "Microsoft 365 Copilot" -- a fairly minor change, but one that likely aims to merge the two products and encourage businesses to see Copilot as an integral part of any Microsoft 365 subscription.

Read more
What is Microsoft Teams? How to use the collaboration app
A close-up of someone using Microsoft Teams on a laptop for a videoconference.

Online team collaboration is the new norm as companies spread their workforce across the globe. Gone are the days of primarily relying on group emails, as teams can now work together in real time using an instant chat-style interface, no matter where they are.

Using Microsoft Teams affords video conferencing, real-time discussions, document sharing and editing, and more for companies and corporations. It's one of many collaboration tools designed to bring company workers together in an online space. It’s not designed for communicating with family and friends, but for colleagues and clients.

Read more