Microsoft Teams vulnerability shows danger of collaboration apps

Microsoft Teams is perhaps the biggest enterprise communication platform in the world. It rose to prominence during the COVID-19 pandemic as a key space for enterprise users to maintain productivity.

Teams has over 270 million monthly active users. The pandemic helped accelerate the platform’s reach from 75 million users in April 2020 to 115 million in October 2020, and 145 million in April 2021.

Overall, Gartner recorded a 44% rise in workers’ use of collaboration tools since 2019, to the point where 80% of workers were using collaboration tools for work in 2021.

While these tools are convenient, their widespread use has opened the door to some serious vulnerabilities.

How bad is the Microsoft Teams vulnerability?

This isn’t the first time that collaboration tools like Teams have received criticism for being insecure. At the start of this year, Avanan identified a significant uptick in cyberattacks taking place over Microsoft Teams, with threat actors using chats and channels to circulate malicious .exe files.

These new vulnerabilities are another chink in the armor of applications that aim to be enterprise-grade communication platforms.

“In essence, this is still [the] unsolved problem of stealing cookies and other web credentials by attackers with local access,” said John Bambenek, principal threat hunter at Netenrich. “That isn’t to say it’s not significant. The fundamental problem is that attackers can steal a cookie and use it on any number of machines to replay an authenticated machine.”

“I would like to see developers and tech companies send these credentials hashed with some local-machine specific information so cookie and credential relay attackers would disappear entirely,” Bambenek added.