Microsoft Teams and the authentication tokens


I have to admit that I have a hate relationship with Microsoft Teams. At the end of the day, it works like most other similar tools. As I previously wrote, it takes ages to load on my MacBook Air M1. I always launch it five minutes before any conference call to give it the time to launch properly and be on time.

I also hate the fact that it doesn’t like virtual cameras too much, even if there is a solution to solve that problem.

Microsoft applications on the Mac have always been sub-par compared to their equivalents on Windows. Excel, to name one. From a business perspective, I think it may make sense. I am sure that the Mac team is much smaller than the Windows team at Microsoft.

I was a little bit surprised when I read yesterday that Teams stores authentication tokens in plain text on the machine where it is installed. This happens not only on the Mac platform, but also on Windows and Linux.

Honestly, I don’t know why the Microsoft engineers considered this a good idea. I opened my terminal and looked for those credentials on my Mac. What I read was true. The tokens were stored in plain text at an unprivileged user level.

Quite funny.

Vectra is the company that found the issue, and this is what they say about it: “This enables attackers to modify SharePoint files, Outlook mail and calendars, and Teams chat files,” Vectra security architect Connor Peoples wrote. “Even more damaging, attackers can tamper with legitimate communications within an organization by selectively destroying, exfiltrating, or engaging in targeted phishing attacks.”

Vectra notified Microsoft about the issue and this is their reply:

“does not meet our bar for immediate servicing as it requires an attacker to first gain access to a target network,”

This is an interesting answer, and I am very surprised.
