Users should be wary of this Microsoft Teams security flaw

Researchers have found a simple but devastating vulnerability in Microsoft Teams that could have provided attackers with the key to access the platform.

According to security firm Tenable, although Microsoft has now fixed the issue, the vulnerability exposed all sorts of sensitive information, from chat and email logs to files shared via OneDrive or SharePoint.

In addition to exposing data, this bug could also be used to take control of a user's Microsoft 365 account. With this level of access, attackers could have sent emails from victims' accounts, for example, opening the door to phishing attacks and other secondary attacks.

The exploit relies on a separate Microsoft product - Power Apps - a service designed to aid application development. Power Apps can be launched as a tab inside Microsoft Teams.

Tenable researchers found that the mechanism used to verify content loaded into a Power Apps tab was easy to manipulate. By spoofing the trusted domain (https://make.powerapps.com), an attacker could have created a malicious Power Apps tab, potentially affecting any Teams user who clicked on it.


"Despite its simplicity, this vulnerability poses a significant risk as it can be exploited to 'initiate' a number of different attacks across multiple services, potentially exposing sensitive files and conversations or allowing an attacker to impersonate another user and take action. Given the number of access tokens this vulnerability exposes, there are potentially other serious and creative potential attacks that haven't been discovered in our feasibility testing" - Evan Grant, Tenable's Research Engineer.

The mitigating factor is that the vulnerability could only be exploited by someone already authorized to create Power Apps tabs. While insider attacks are common, this means that an outside third party could not exploit the vulnerability on its own.

As soon as the issue was reported, Microsoft rolled out the fix to all customers without requiring any action from end users or administrators. There is no evidence that the vulnerability has been abused in the wild.
