The Microsoft Teams desktop app stores tokens locally in plain text, according to security researchers from Vectra. These are authentication codes that can be used to log into the victim’s account.
Vectra writes on its website that it discovered the security risk in August and reported it to Microsoft. The security company describes it as a serious security risk, because the stolen tokens can be used to log into an account even if it is secured with two-step authentication. According to Vectra, the damage can be significant, especially if the tokens of a high-ranking employee within the company are stolen.
According to Microsoft, this is not a huge risk, since the attacker would first have to gain access to the victim’s network, a Microsoft spokesperson tells Bleeping Computer. “We do not consider the technology described as an immediate fix because the attacker must first gain access to the victim’s network. We appreciate that Vectra Protect identified and reported this responsibly. We will consider this for a future product release.” Until Microsoft comes up with a solution, Vectra recommends using the browser version of Microsoft Teams. According to the company, this better protects against token leakage.