A research carried out by Tenable has discovered a serious vulnerability on Microsoft Teams app that could help hackers take control of user accounts, thus giving them access to their chat history, files on One-drive Business Storage and can offer them the privilege of sending emails on behalf of the victimized account holder.
As most of the administrative activities are taking place on a virtual note, an increase has been witnessed in the usage of business communication apps these days.
One such app is Microsoft Teams that hold a strong user count of over 145 million- as per the March ‘21 stats.
So, at this juncture, the discovery of such vulnerabilities can not only put a dent on the Satya Nadella led company on a temporary note, but can also shut down the business permanently.
Note 1- Microsoft Teams is a communication platform that is a part of the Microsoft 365 family of products and is being offered in line with other services like Slack, Zoom, and Google Meet. It has a feature by default that allows users to launch the app as a tab within a group and Tenable argues that hackers can induce malicious content into the Power Apps Tabs, acting as a gateway for cyber crooks.
Note 2- Evan Grant, the Chief Security Engineer at Tenable has confirmed the news and added that his team found the vulnerability while scanning for potential bugs in the entire functionality of Microsoft Teams.
Note 3- Microsoft has acknowledged the issue by releasing a fix to the susceptibility that could expose large amounts of data to hackers.