Apr 27, 2020
Microsoft Teams fixes funny Gifs cyber-attack flaw
A security problem in Microsoft Teams meant cyber-attacks could be initiated via funny Gif images, researchers have revealed. All a user had to do was view the Gif to allow an attacker to scrape data from their account. The flaw could have led to widespread data theft, ransomware attacks and corporate espionage, the team added. This attack involves using a compromised subdomain to steal security tokens when a user loads an image - but the end user would just see the Gif sent to them, and nothing else. While the attack pattern is not easy to set up, it is a workable attack and "Could spread very rapidly between all the users", he said.
Make a complaint about Microsoft by viewing their customer service contacts.