Microsoft Teams Stores Auth Tokens As Cleartext In Windows, Linux, Macs

Security analysts have found a severe security vulnerability in the desktop app for Microsoft Teams that gives threat actors access to authentication tokens and accounts with multi-factor authentication (MFA) turned on. BleepingComputer reports: 'This attack does not require special permissions or advanced malware to get away with major internal damage,' Connor Peoples at cybersecurity company Vectra explains in a report this week. The researcher adds that by taking 'control of critical seats -- like a company's Head of Engineering, CEO, or CFO -- attackers can convince users to perform tasks damaging to the organization.' Vectra researchers discovered the problem in August 2022 and reported it to Microsoft. However, Microsoft did not agree on the severity of the issue and said that it doesn't meet the criteria for patching.

With a patch unlikely to be released, Vectra's recommendation is for users to switch to the browser version of the Microsoft Teams client. By using Microsoft Edge to load the app, users benefit from additional protections against token leaks. The researchers advise Linux users to move to a different collaboration suite, especially since Microsoft announced plans to stop supporting the app for the platform by December.

Read more of this story at Slashdot.