HomeCyber SecurityMicrosoft fixes an account takeover with GIFs Security bug in Microsoft Teams

Microsoft fixes an account takeover with GIFs Security bug in Microsoft Teams

April 27, 2020

260

Microsoft recently resolved a security problem in Microsoft Teams, where an attacker could take over user accounts with help of a malcious GIF file.

On Monday, a researcher from CyberArk explained the security vulnerablity in a blog post. In that blog post it is mentioned that a subdomain tackover vulnerability, combined with a malcious .GIF file could be used to scrape a users data and take over entire organization users accounts.

The teams has explained the flow of the attack and process of stealing access token.

The team has created PoC to demonstrate the attack. You can find more information in CyberArk blog post.

Tags
Microsoft
Microsoft Teams

Facebook announces Messenger Room for group video calling

Casio Released NASA themed G-Shock watch

Microsoft fixes an account takeover with GIFs Security bug in Microsoft Teams

Related

Android devices infected by 5 zero day vulnerabilities

Emotet Malware again starts infecting users

Hackers breached T-Mobile’s systems and stole its source code

Most Popular

Stabilizers for Refridgerator

ChatGPT for Android was Launched: Things you need to know before using

Meta Launches “Threads” a Twitter rival app

Character AI Unblocked: A Comprehensive Guide

ABOUT US

FOLLOW US