Microsoft fixes GIF file bug that could be used to hijack Microsoft Teams accounts
Microsoft has reportedly fixed a bug that could have allowed attackers to hijack Microsoft Teams accounts by using a malicious GIF file. Researchers at cybersecurity firm CyberArk revealed that, by exploiting a subdomain takeover vulnerability in Microsoft Teams, attackers could have used a malicious GIF to scrape users’ data and ultimately take over an organisation’s entire roster of Teams accounts.
Interestingly, to give attackers access, all that users would have to do was view a message with a malicious GIF file. “Since users wouldn’t have to share the GIF – just see it – to be impacted, vulnerabilities like this have the ability to spread automatically. This vulnerability would have affected every user who uses the Teams desktop or web browser version,” according to a report by CyberArk.