Security experts have discovered that the login details for the Microsoft Teams desktop app are stored unsecured in a database. The “good news” here is that possible attackers would first have to gain local access to the system in order to get this data. Windows, Mac and Linux systems are equally affected.
Security researchers are sounding the alarm
The security company Vectra has now warned of possible dangers for companies in a blog post. Once criminals have gained access to a system, they could access the authentication token data of Microsoft Teams users. These are stored in a “cookies” folder in plain text form.
In a test by Vectra, security experts were able to read this data and send it as simple text messages.
With sufficient criminal intent, attackers could easily impersonate the CEO or other superiors, for example, and gain access to further data, warns Vectra:
“With a sufficient number of compromised computers, attackers can orchestrate communications within an organization. By taking full control of important jobs, such as a company’s technical director, CEO, or CFO, attackers can convince users to perform tasks that are harmful to the company.”
Blog post Vectra
Use the browser version of Microsoft Teams
Following this analysis, Vectra notified Microsoft of this vulnerability in August. However, no patch has yet been released to close the gap. Since access to the sensitive data is only possible after access to the local network, the security problem was not considered serious enough, reports Bleeping Computer.
“The technique described does not meet our requirements for immediate maintenance because an attacker must first gain access to a target network. We appreciate Vectra Protect’s partnership in identifying and responsibly disclosing this issue and will consider addressing it in a future product release.”
Statement from a Microsoft spokesperson according to Bleeping Computer
Vectra security experts recommend using Microsoft Teams directly via the browser until the security hole is closed.
Source: Vectra, futurezone.at, Bleeping Computer

