“Wormhole” Wormable Zero-Click Vulnerability in Microsoft Teams

A Security Engineer at Evolution Gaming has discovered a Cross-site Scripting (XSS) vulnerability on the teams.microsoft.com domain. This could be abused to trigger a Remote Code Execution (RCE) flaw in the Microsoft Teams Desktop Application.

According to the researcher, an attacker simply needs to send a specially crafted message to any Teams user or channel to launch a successful exploit, which runs clandestinely in the background without the user's notice.

Windows (version 1.3.00.21759), macOS (version 1.3.00.23764) and Linux (1.3.00.16851) were affected.

The impact:

Successful exploitation of this vulnerability allows an attacker to access confidential conversations and files in the Teams application. It could even result in access to private keys and personal data outside the application, which makes it especially dangerous.

Furthermore, this vulnerability is wormable, meaning an attacker can automatically send the exploit payload to other users and channels without interaction.

The remediation:

This issue was mitigated by Microsoft's patch in October; an immediate update is recommended for those who haven't already applied it.

Source: Security Week

Risk Crew
