Upcoming Webinar
Cayosoft Shows How Forest Recovery Tech Addresses Survey Issues
Join this webinar and not only learn about what your peers are doing, but also learn about a new patent-pending modern approach to AD forest recovery from Cayosoft.
New episode!
The Scoop on Loop: The Latest Innovations Directly From Microsoft!
Darrell Webster speaks to Rebecca Keys, a Program Manager from the Microsoft Loop team.
Turn Data Protection into an MRR Growth Engine
Security for your customers, revenue for your MSP practice. Access key insights on how to scale your practice with SkyKick’s new eGuide.
MSP eGuide to Package, Sell and Deliver M365 Security Services
Based on input from our top-performing MSPs, SkyKick prepared the MSP Guide to help you navigate the security landscape.

Microsoft Teams External Access Vulnerability Lets Attackers Deliver Malware

Security researchers have recently discovered a new vulnerability in Microsoft Teams. The flaw could enable threat actors to deliver malware to Teams users through a federated chat.

The vulnerability was originally discovered by security researchers Max Corbridge and Tom Ellson from the JUMPSEC Labs’ Red Team. The researchers found that the flaw exists in the External Access feature in Microsoft Teams. It allows users to communicate with individuals outside their organization via Teams chat and video calls.

The Microsoft Teams vulnerability enables external users to inject malware into files sent to an employee’s inbox. The file comes with a specially crafted message that tricks users into opening it on their computers. The security flaw lets attackers bypass built-in security measures that protect Teams users against malware and phishing campaigns. It affects all enterprise customers that use the app in its default configuration.

“Exploitation of the vulnerability was straightforward using a traditional IDOR technique of switching the internal and external recipient ID on the POST request,” Corbridge explained in a security advisory. “When sending the payload like this, it is actually hosted on a SharePoint domain and the target downloads it from there. It appears, however, in the target inbox as a file, not a link.”

Security Researchers Discover New Vulnerability in Microsoft Teams External Access

Microsoft Teams’ external access flaw won’t be quickly patched

The security researchers contacted Microsoft about the vulnerability before disclosing the details publicly. Microsoft, for its part, believes the exploit “does not meet the bar for immediate servicing.” The researchers advised that IT admins should disable the External Access setting in the Microsoft Teams Admin Center.

However, it’s important to note that some may organizations require regular communication with external tenants. In this case, it’s recommended that IT admins should configure Teams security settings to restrict external access to only a set of domains. This approach should make it harder for hackers to compromise user accounts in Microsoft 365 tenants.

by Rabia Noureen
Jun 26, 2023

Rabia comes from a solid IT background and has been writing professionally about Microsoft products and other technology for four years. Rabia has also written for OnMSFT.com as well as Windows Report. She is always up to date on the latest trends in...

GET-IT: Submit Your Questions for Microsoft Teams Product Manager Anupam Pattnaik

Nov 16, 2023
5 Ways to Get Things Done More Efficiently in Microsoft 365

Apr 22, 2024
Apr 23, 2024
Microsoft Will Make Teams 2.0 the Default Client Later This Year

May 30, 2023

Take our survey

PETRI NEWSLETTERS

Join Petri Insider

Create a free account today to participate in forum conversations, comment on posts and more.