In 2024, a hacking group known as Black Basta made headlines by exploiting a critical vulnerability in Microsoft Teams to carry out large-scale cyber-attacks, primarily using ransomware. Their method was disturbingly simple yet effective: they spammed corporate employees’ email inboxes with invitations to join a Teams group, promising critical security updates. Once the unsuspecting victims clicked on the link, they were directed to malicious websites, which unleashed harmful software designed to infiltrate corporate networks.
This major security breach raised alarms across the tech industry, but fast-forward to 2025, and Microsoft has implemented a suite of countermeasures powered by advanced Artificial Intelligence (AI). These innovative security features aim to prevent future cyberattacks and bolster user safety on the platform.
New Security Features in Microsoft Teams
Starting in February 2025, Microsoft introduced two key security enhancements for Teams users, which were developed with AI to proactively defend against these types of threats.
Malicious URL Detection and Alerts: Microsoft Teams will now use AI algorithms to scan and identify potentially dangerous URLs embedded within messages or shared files. Whenever a user encounters a suspicious link, the system will immediately alert them, preventing the click-through that often leads to malicious websites. This new layer of security aims to significantly reduce the risk of phishing attacks and other URL-based exploits.
Blocking Dangerous Payloads: In addition to identifying harmful links, Microsoft Teams will now also block dangerous payloads, such as executable files (EXE files), which are commonly used to deliver malware. These files, once downloaded or opened, can easily propagate across corporate networks, causing widespread damage. With this new feature, the platform will prevent the automatic sharing or execution of such files, making it harder for attackers to execute their schemes.
Both of these protective measures were still under development as of early 2025, but Microsoft plans to roll them out in full by September 2025. The new security tools will be available on all major platforms, including Android, iOS, and desktop versions of Microsoft Teams.
These steps follow earlier privacy concerns raised by users, particularly in Western markets, regarding Teams’ auto-screen capture functionality during meetings. Responding to these concerns, Microsoft made the decision to block this feature, addressing fears that it could potentially be an invasion of privacy.
A Pleasant Surprise for Windows 10 Users
In another significant development, Microsoft recently made a surprise announcement regarding its Windows 10 operating system. In 2024, the company had announced that support for Windows 10 would be ending, marking its “end-of-life” status and leaving many users to scramble for an upgrade. However, in a bid to offer relief to businesses and consumers who rely on this older operating system, Microsoft has decided to extend its support timeline until October 2026.
This extension, while a relief for millions of Windows 10 users, will come with a caveat: Microsoft will charge an additional fee of $30 for continued security updates. This new policy is yet to receive official comments from Microsoft’s employees or feedback from the active tech communities on platforms like Reddit, but it has already sparked discussions about the company’s commitment to supporting legacy systems for longer periods.
While the decision to extend support for Windows 10 might be seen as a move to appease existing users, it also hints at a growing recognition of the slower pace of migration to newer versions, especially in business environments where software upgrades can be costly and disruptive.
Join our LinkedIn group Information Security Community!
