Microsoft fixes malicious GIF glitch that could have compromised corporate Teams accounts

By Tracy Qu

Cybersecurity firm CyberArk discovered a vulnerability that could have allowed hackers to steal Microsoft Teams users’ access tokens by sending GIFs. It reported the issue on March 23, and Microsoft issued a patch on April 20. — SCMP

Microsoft has patched a vulnerability in its popular chat and conferencing app Teams, which could have allowed hackers to scrape user data and ultimately take over entire organisations’ accounts just by sending victims modified GIFs that look no different from regular moving images.

In an article on Monday, cybersecurity firm CyberArk said it discovered that two subdomains under the Microsoft Teams site were vulnerable to takeovers.

The Star Christmas Special Promo: Save 35% OFF Yearly. T&C applies.

Monthly Plan

RM 13.90/month

Best Value

Annual Plan

RM 12.33/month

RM 8.02/month

Billed as RM 96.20 for the 1st year, RM 148 thereafter.

Follow us on our official WhatsApp channel for breaking news alerts and key updates!
SCMP

Next In Tech News
These travel influencers don’t want freebies. They’re AI.
Social app RedNote expanding beyond China despite privacy concerns
Live shopping catches on in US with Kim Kardashian and�cookies
Amazon in talks to invest in OpenAI, source says
Grok spews misinformation about deadly Australia shooting
Blackstone leads investment in data-security firm Cyera at a $9 billion valuation, WSJ reports
AI romance blooms as Japan woman weds virtual partner of her dreams
Waymo in talks to raise billions at over $100 billion valuation, the Information reports
Hacking group 'ShinyHunters' threatens to expose premium users of sex site Pornhub
X Corp sues social media startup over bid to claim 'Twitter' brand

Trending in Tech

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.