top of page
Search
Queenie Siah

Microsoft Teams fixes funny Gifs cyber-attack flaw

Like many chat apps, Teams let colleagues send each other whimsical animated Gif images.


But CyberArk researchers discovered a problem that meant viewing a Gif could let hackers compromise an account and steal data. Microsoft has since patched the security hole, researchers said.


This attack involves using a compromised subdomain to steal security tokens when a user loads an image - but the end-user would just see the Gif sent to them, and nothing else.


"They will never know that he or she has been attacked - making this vulnerability... very dangerous," the team said.


It is a good demonstration of a zero-click attack - no clicking of links, the opening of documents, thus all software should be updated as there are bound to be security flaws occasionally.



8 views0 comments

Recent Posts

See All

Comments


bottom of page