Four vulnerabilities in Microsoft Teams, unpatched since March, allowed link spoofing of URLs and opened the door to DoS attacks against Android users, researchers said.
Researchers from Positive Security discovered four bugs in the feature earlier this year and told Microsoft about the issues on March 10. So far, only one of the bugs—a bug allowing attackers to leak Android IP addresses—appears to have been patched by the company, researcher Fabian Bräunlein said in a blog post published Wednesday.
Microsoft Teams is a collaboration tool that helps people working in different geographic locations work together online. For this reason, Teams usage of the platform has risen during the pandemic, making it an increasingly attractive target for threat actors.
Read more: Threatpost
For more such updates follow us on Google News ITsecuritywire News