Monday, March 25, 2024

Using Teams in a browser is actually safer than using Microsoft's desktop apps, which are wrapped around a browser. It's a lot to work through.

Microsoft’s Teams client stores users’ authentication tokens in an unprotected text format, potentially allowing attackers with local access to post messages and move laterally through an organization, even with two-factor authentication enabled, according to a cybersecurity company.

Vectra recommends avoiding Microsoft’s desktop client, built with the Electron framework for creating apps from browser technologies, until Microsoft has patched the flaw. Using the web-based Teams client inside a browser like Microsoft Edge is, somewhat paradoxically, more secure, Vectra claims. The reported issue affects Windows, Mac, and Linux users.

Microsoft, for its part, believes Vectra’s exploit “does not meet our bar for immediate servicing” since it would require other vulnerabilities to get inside the network in the first place. A spokesperson told Dark Reading that the company will “consider addressing (the issue) in a future product release.”

Researchers at Vectra discovered the vulnerability while helping a customer who was trying to remove a disabled account from their Teams setup. Microsoft requires users to be logged in to be removed, so Vectra looked into the local account configuration data. They set out to remove references to the logged-in account. What they found instead, by searching for the user’s name in the app’s files, were tokens, in the clear, providing Skype and Outlook access. Every token they found was active and could grant access without triggering a two-factor challenge.

Going further, they crafted a proof-of-concept exploit. Their version downloads an SQLite engine to a local folder, uses it to scan a Teams app’s local storage for an auth token, then sends the user a high-priority message containing their own token text. The potential consequences of this exploit are greater than phishing some users with their own tokens, of course:

Anyone who installs and uses the Microsoft Teams client in this state is storing the credentials needed to perform any action possible through the Teams UI, even when Teams is shut down. This enables attackers to modify SharePoint files, Outlook mail and calendars, and Teams chat files. Even more damaging, attackers can tamper with legitimate communications within an organization by selectively destroying, exfiltrating, or engaging in targeted phishing attacks. There is no limit to an attacker’s ability to move through your company’s environment at this point.

Vectra notes that moving through a user’s Teams access presents a particularly rich well for phishing attacks, as malicious actors can pose as CEOs or other executives and seek actions and clicks from lower-level employees. It’s a technique known as Business Email Compromise (BEC); you can read about it on Microsoft’s On the Issues blog.

Electron apps have been found to harbor deep security issues before. A 2019 presentation showed how browser vulnerabilities could be used to inject code into Skype, Slack, WhatsApp, and other Electron apps. WhatsApp’s desktop Electron app was found to have another vulnerability in 2020, providing local file access through JavaScript embedded in messages.

We’ve reached out to Microsoft for comment and will update this post if we receive a response.

Vectra recommends that developers, if they “must use Electron for your application,” securely store OAuth tokens using tools such as KeyTar. Connor Peoples, security architect at Vectra, told Dark Reading that he believes Microsoft is moving away from Electron and shifting toward Progressive Web Apps, which would provide better OS-level security around cookies and storage.
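The finding above, tokens sitting in the clear in an Electron app’s local storage and still valid, is something a security team can check for in its own deployments. The following audit helper is an added example written for this article, not Vectra’s proof of concept or Microsoft’s code; it walks an app data directory, flags JWT-shaped tokens, reports audience and expiry, and never writes out the token itself. The directory layout, audience values and token contents are constructed for the demo.

```python
import base64, json, re, tempfile
from dataclasses import dataclass
from pathlib import Path

# A JWT is three base64url segments; a JSON header always encodes to 'eyJ...'.
JWT_RE = re.compile(rb"eyJ[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{8,}")

@dataclass
class Finding:
    path: str
    audience: str
    expires: int
    active: bool   # still valid at scan time, i.e. usable without a fresh 2FA prompt
    redacted: str  # first 8 chars only, so the report never re-leaks the token

def _payload(token: bytes) -> dict:
    seg = token.split(b".")[1]
    return json.loads(base64.urlsafe_b64decode(seg + b"=" * (-len(seg) % 4)))

def find_cleartext_jwts(root: Path, now: int) -> list[Finding]:
    """Scan every file under root (LevelDB .ldb/.log, cookie DBs, JSON caches)."""
    findings = []
    for f in sorted(p for p in root.rglob("*") if p.is_file()):
        for m in JWT_RE.finditer(f.read_bytes()):
            try:
                claims = _payload(m.group())
            except ValueError:
                continue  # JWT-shaped bytes but not a JSON payload: not a token
            if not isinstance(claims, dict):
                continue
            exp = int(claims.get("exp", 0))
            findings.append(Finding(str(f.relative_to(root)), str(claims.get("aud", "?")),
                                    exp, exp > now, m.group()[:8].decode()))
    return findings

def constructed_jwt(claims: dict) -> bytes:
    """Constructed token for the demo: real shape, dummy signature."""
    enc = lambda d: base64.urlsafe_b64encode(json.dumps(d).encode()).rstrip(b"=")
    return enc({"alg": "HS256", "typ": "JWT"}) + b"." + enc(claims) + b".c0nstructedSig"

def audit_demo(now: int = 1_700_000_000) -> list[Finding]:
    """Constructed stand-in for an Electron data directory: one live and one expired
    token embedded in LevelDB-style binary noise, plus a harmless settings file."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d); (root / "Local Storage" / "leveldb").mkdir(parents=True)
        live = constructed_jwt({"aud": "https://api.spaces.skype.com", "exp": now + 3600})
        stale = constructed_jwt({"aud": "https://outlook.office.com", "exp": now - 86400})
        (root / "Local Storage" / "leveldb" / "000003.log").write_bytes(
            b"\x00\x13noise\x7f" + live + b"\x00junk\x01" + stale)
        (root / "settings.json").write_text('{"theme": "dark"}')
        return find_cleartext_jwts(root, now)
```

Point `find_cleartext_jwts` at a real app data directory with `int(time.time())` to see which tokens, if any, are both on disk and still active.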
