BEST OF THE WEB

Microsoft Teams flaw grant hackers access to authentication tokens

Security researchers from Vectra have uncovered a vulnerability in the desktop app for Microsoft Teams that could give threat actors access to authentication tokens and accounts with multi factor authentication.

Microsoft Teams is an Electron app that implies that it runs in a browser window, complete with all the elements required for a regular website.

However, Electron does not support encryption or protected file storage by default. Therefore, it is not secure for the development of mission-critical products unless extensive customization and additional work is carried out.

In their analysis of Microsoft Teams, the researchers found an Idb file with access tokens in clear text. They also discovered that the “Cookies” folder contained valid authentication tokens, along with account information, session data, and marketing tags.

Threat actors can use info-stealing malware to steal Microsoft Teams authentication tokens and remotely log in as a user, bypass MFA and gain full access to the account.

To mitigate the bug, Vectra asked users to switch to the browser version of Microsoft Teams client since using Microsoft Edge to load the app can provide users with additional protection against token leaks.

Linux’s users are advised to switch to another collaboration suite, especially since Microsoft has announced that it will discontinue support for the app on the platform by December. Those who cannot switch to another solution immediately are advised to create a monitoring rule to discover processes accessing selected directories.

The sources for this piece include an article in BleepingComputer.

IT World Canada Staff
IT World Canada Staffhttp://www.itworldcanada.com/
The online resource for Canadian Information Technology professionals.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web