Four vulnerabilities have been found in Microsoft Teams, a popular corporate messenger in Russia, which can be used for phishing attacks and stealing IP addresses, said Positive Security, a German cybersecurity company.
All discovered vulnerabilities are related to the function of previewing links sent as a message, Kommersant reported. The most obvious of them is the ability to change the link and, for example, take the user to a phishing site.
In total, experts discovered four vulnerabilities:
- SSRF attack (Server Side Request Forgery, allows you to send requests on behalf of the server to external or internal resources);
- spoofing – an attack based on data falsification;
- stealing IP addresses on Android;
- DoS (Denial of Service) – an attack that makes it difficult to access the system, or completely stops work.
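
The SSRF item above concerns a server that fetches a link in order to build its preview. As an added illustration (not code from Microsoft, Positive Security or the original article), this is one way a preview service can refuse targets that point at internal resources; the function names and the constructed DNS table are assumptions made for the example.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed DNS answers so the example runs offline; a real fetcher would
# resolve the name itself and then connect to the exact address it validated.
CONSTRUCTED_DNS = {
    "news.example": ["93.184.216.34"],
    "intranet.example": ["10.0.0.5"],
    "mixed.example": ["93.184.216.34", "127.0.0.1"],
}

def resolve_constructed(host):
    """Hypothetical resolver backed by the constructed table above."""
    return CONSTRUCTED_DNS.get(host.lower(), [])

def is_public(addr):
    """True only for globally routable addresses."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:127.0.0.1 must be judged as 127.0.0.1
    return ip.is_global

def check_preview_target(url, resolve=resolve_constructed):
    """Return (allowed, reason) for a URL a preview service is asked to fetch."""
    try:
        parts = urlsplit(url)
        host = parts.hostname
    except ValueError:
        return False, "malformed URL"
    if parts.scheme not in ("http", "https"):
        return False, "scheme not allowed"
    if not host:
        return False, "missing host"
    try:
        ipaddress.ip_address(host)
        addrs = [host]          # literal IP address in the URL
    except ValueError:
        addrs = resolve(host)   # hostname: judge what it resolves to
    if not addrs:
        return False, "host does not resolve"
    # Reject if any answer is non-public, so a name with mixed records
    # cannot be used to reach loopback or private ranges.
    blocked = [a for a in addrs if not is_public(a)]
    if blocked:
        return False, "non-public address: " + blocked[0]
    return True, "ok"
```

The same check has to be repeated for every redirect the fetcher follows, since a public URL can redirect to an internal one.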
Of the problems found, the riskiest is the spoofing vulnerability, which allows an attacker to send a malicious link whose preview is disguised as a legitimate website, says Boris Larin, a senior researcher for information security threats at Kaspersky Lab: “As a result, insufficiently attentive users can become victims of, for example, a phishing attack.”
Cybersecurity experts notified Microsoft of the problems back in March 2021, but the corporation has patched only one vulnerability. Microsoft claims to have examined all four vulnerabilities and “they do not pose an immediate threat requiring security fixes.”
Overall, Microsoft Teams, which targets enterprise use, is estimated to have fewer threats than the more popular Zoom, for example. This is due to higher security requirements.