Microsoft Teams, the collaboration and communication platform, is a tool some companies use to organize the activities of their work teams. However, it may have a flaw that compromises the security of its users.
As reported by the cybersecurity company Vectra, the flaw is that Teams can store users' "authentication tokens", which leaves people vulnerable to potential security threats from hackers.
The company indicates that the problem was discovered in August 2022 and that it affects not the web version of the program but the desktop versions on Windows, Linux and Mac operating systems.
The security company's report also indicates that, in order to attack a person whose authentication tokens are stored in Microsoft Teams, the cybercriminal needs local access to the system where the application is installed. That is, the attacker has to connect to the same network as the desktop or laptop computer on which the platform is used or, otherwise, could gain entry through a phishing strategy.
Once the cybercriminal has access to the local network, they can remotely access the devices they want, use the authentication tokens and access the accounts of any worker within an organization, including those of senior managers of large organizations, such as the CEO.
For Connor Peoples, a researcher at the cybersecurity company, this is the biggest risk posed by the flaw.
“By taking control of a company’s critical user accounts, the attacker can convince other users to perform tasks that may be detrimental to the organization,” he said.
According to the Bleeping Computer website, the root of the problem is that Teams is an application built with Electron, a framework for creating desktop applications that work across different platforms.
An Electron application, while useful in principle, works much like a web page: it stores cookies and login data just as any website would. This weakens the security of any application that does not invest resources in hardening those aspects.
In its report, the company said that, in addition to finding stored Microsoft Teams authentication tokens, its researchers were also able to find data related to logins in Outlook and Skype.
Ways to mitigate risk
The cybersecurity company recommends that people change how they use Microsoft Teams, moving from the desktop application to the web version.
Users of the Linux operating system will have to switch to a different collaborative work platform, as Microsoft will withdraw the Teams application from that system starting in December.