
Microsoft Teams patched a flaw that could allow account takeover

The researchers who discovered the flaw have been working with Microsoft to patch it

Shane McGlaun | Apr 28, 2020 at 4:04 pm CDT

Microsoft has announced that it has issued a patch for a severe flaw in Microsoft Teams that could have allowed a user's account to be taken over simply by viewing a GIF. The security issue stemmed from the way that Teams handles images and could allow data theft and account hijacking. The security flaw was discovered by a security firm called CyberArk over a month ago.


CyberArk worked with the Microsoft Security Research Center under Coordinated Vulnerability Disclosure to fix the flaw. Repairing such a sensitive flaw was a priority given the massively increased number of users relying on Teams for education, work, and healthcare during the coronavirus pandemic. CyberArk was able to show Microsoft how it was possible to use a compromised subdomain to host images and steal security tokens by merely getting the user to view an image.

One of the most serious aspects of this particular attack was that it was invisible to the user. CyberArk said that it found that two Microsoft subdomains were vulnerable to takeover, including aadsync-test.teams.microsoft.com and data-dev.teams.microsoft.com.

CyberArk said, "If an attacker can somehow force a user to visit the sub-domains that have been taken over, the victim's browser will send this cookie to the attacker's server, and the attacker (after receiving the authtoken) can create a skype token. After doing all of this, the attacker can steal the victim's Teams account data." The security firm said that the attacker would need to issue a certificate for the compromised sub-domains, but that was possible. The victim of this attack would never know they were compromised, making this attack particularly dangerous. Microsoft has seen a major increase in demand for Teams in recent months.
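The cookie behaviour described above can be checked defensively with the RFC 6265 domain-match rule. The following is an added example, not code from CyberArk, Microsoft, or this article: it audits a Set-Cookie header against a host inventory and reports which other hosts would receive the cookie. The `Domain=.teams.microsoft.com` attribute, the cookie values, and the inventory are assumptions constructed for illustration; only the cookie name and the two subdomain names come from the article.

```python
# Added example: RFC 6265 cookie-scope audit. Header values and inventory are
# constructed; the parent-scoped Domain attribute is an assumption.

def parse_set_cookie(header):
    """Split a Set-Cookie value into (name, attributes with lowercase keys)."""
    parts = [p.strip() for p in header.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {}
    for p in parts[1:]:
        key, _, val = p.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name, attrs

def domain_match(host, cookie_domain):
    """RFC 6265 section 5.1.3: exact match, or host is a subdomain of cookie_domain."""
    host, cookie_domain = host.lower(), cookie_domain.lower().lstrip(".")
    return host == cookie_domain or host.endswith("." + cookie_domain)

def hosts_receiving(header, origin_host, inventory):
    """Return the inventory hosts to which a browser would send this cookie."""
    _, attrs = parse_set_cookie(header)
    domain = attrs.get("domain")
    if not domain:
        # No Domain attribute: host-only cookie, returned to the setting host alone.
        return [h for h in inventory if h.lower() == origin_host.lower()]
    return [h for h in inventory if domain_match(h, domain)]

def audit(header, origin_host, inventory):
    """Report hosts other than the setting host that would receive the cookie."""
    name, attrs = parse_set_cookie(header)
    reach = hosts_receiving(header, origin_host, inventory)
    extra = [h for h in reach if h.lower() != origin_host.lower()]
    return {"cookie": name, "secure": "secure" in attrs, "also_sent_to": extra}

# Constructed inventory: the main host plus the two subdomains named in the article.
INVENTORY = [
    "teams.microsoft.com",
    "aadsync-test.teams.microsoft.com",
    "data-dev.teams.microsoft.com",
]
# Constructed headers: parent-scoped (assumed) versus host-only for comparison.
WIDE = "authtoken=CONSTRUCTED; Domain=.teams.microsoft.com; Path=/; Secure"
HOST_ONLY = "authtoken=CONSTRUCTED; Path=/; Secure; HttpOnly"

if __name__ == "__main__":
    for hdr in (WIDE, HOST_ONLY):
        print(audit(hdr, "teams.microsoft.com", INVENTORY))
```

A cookie with the `Secure` attribute is only sent over HTTPS, which is consistent with CyberArk's remark that a certificate for the sub-domain would be needed. Any host listed under `also_sent_to` is one whose DNS record should be confirmed to point at infrastructure the organization still controls.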

Last updated: Apr 28, 2020 at 04:25 pm CDT

NEWS SOURCE: betanews.com