‘Evil GIF’ account takeover flaw patched in Teams
2020-04-28 09:00

Microsoft has quickly fixed a flaw in its Teams videoconferencing and collaboration program that could have allowed attackers to launch a wormlike attack on multiple accounts by sending one victim a malicious GIF image.

If an attacker can somehow force a user to visit the sub-domains that have been taken over, the victim's browser will send this cookie to the attacker's server, and the attacker can create a Skype token.

The flaw affects anyone who accesses Teams using the Teams application or via a web browser.

In theory, internal Teams groups wouldn't be affected, although an attack could still be launched if external communication was possible.

There are no indications the flaw has been exploited by a real attacker.


News URL

https://nakedsecurity.sophos.com/2020/04/28/evil-gif-account-takeover-flaw-patched-in-teams/