Vulnerability Microsoft Teams – Auth Tokens in cleartext (2022)

A vulnerability Microsoft Teams which affects all users of the service who use the application on Windows, Mac or Linux.

Microsoft Teams is an integrated package platform Microsoft 365. The service is used globally by nearly 300 million users for video conferencing, voice calls, text messages and stored/file sharing. It is supposed to be used especially for business and office Microsoft Teams for Windows, Linux si Mac it should have a security standard relevant to the current times. However, it seems that for Microsoft encryption is of little importance.

In August (2022), a team of security analysts discovered a vulnerability Microsoft Teams which apparently Microsoft has not complicated to solve until this moment.

Vulnerability Microsoft Teams – The unencrypted authentication token

The discovered security problem consists in the unencrypted storage of authentication tokens in the application Microsoft Teams for Windows, Mac si Linux. More exactly user authentication tokens are kept in cleartext.

Vulnerability Microsoft Teams - Auth Tokens in cleartext (2022)
Vulnerability Microsoft Teams

This means that if an attacker has access to a computer on which it is installed Microsoft Teams, he will be able to take the authentication credentials from the application and connect to the victim's account. In addition, the attacker secures access to Microsoft Graph API even if the account is protected with MFA (Multi-factor authentication). No advanced malware or special permissions are needed to access files containing authentication tokens.

This vulnerability (if I can call it that) can affect many companies around the world. On Microsoft Teams there are business conversations, meetings within organizations, team work sessions, job interviews are held and confidential data is sent.

The most worrying part is that this problem was reported by Connor Peoples (cybersecurity analyst) since August 2022, and until now (half of September 2022) Microsoft has not taken any action.

Until Microsoft solves this vulnerability Microsoft Teams, users can protect themselves using the web version of the application.

In 2022, keeping sensitive data in cleartext, even more authentication tokens, it seems to me that Microsoft is using the techniques of the 90s when Yahoo! Messenger paste local conversations in text format. Microsoft comes with something extra. Keep the authentication data.

Passionate about technology, I enjoy writing on since 2006. I have a rich experience in operating systems: macOS, Windows, and Linux, as well as in programming languages and blogging platforms (WordPress) and for online stores (WooCommerce, Magento, PrestaShop).

How to » AntiVirus & Security » Vulnerability Microsoft Teams – Auth Tokens in cleartext (2022)
Leave a Comment