Microsoft Teams stores authentication tokens in plaintext

clock • 2 min read
About 270 million people use Teams around the world
Image:

About 270 million people use Teams around the world

But the vulnerability does not satisfy Microsoft's standards for a quick fix

Microsoft's workplace-oriented messaging app, Teams, saves authentication tokens in an unencrypted plaintext format - potentially allowing attackers to control conversations and move laterally insi...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
Cloud encryption rates are disastrously low, research

Security

Come on in, the door's open

clock 05 June 2024 • 2 min read
Microsoft faces renewed antitrust charges in EU over Teams dominance

Compliance

Global unbundling of Teams insufficient concession

clock 14 May 2024 • 2 min read
Microsoft takes unbundling of Office and Teams global

Office Software

In doing so, hopes to head off further antitrust action

clock 03 April 2024 • 2 min read

More on Threats and Risks

Threat group 'systematically compromising Snowflake customer instances'

Threat group 'systematically compromising Snowflake customer instances'

165 organisations notified to date

Kyle Alspach
clock 11 June 2024 • 2 min read
Microsoft warns of potential Azure Service Tags misuse by hackers

Microsoft warns of potential Azure Service Tags misuse by hackers

Ten specific Azure services are currently identified as susceptible

clock 11 June 2024 • 2 min read
Microsoft overhauls Recall, makes it opt-in

Microsoft overhauls Recall, makes it opt-in

The move comes after security concerns from experts

clock 10 June 2024 • 3 min read