Four Bugs in Microsoft Teams Left Platform Vulnerable Since March

silversurfer

Four vulnerabilities in Microsoft Teams, unpatched since March, allowed link spoofing of URLs and opened the door to DoS attacks against Android users, researchers said.

Researchers from Positive Security discovered four bugs in the feature earlier this year and told Microsoft about the issues on March 10. So far, only one of the bugs—a bug allowing attackers to leak Android IP addresses—appears to have been patched by the company, researcher Fabian Bräunlein said in a blog post published Wednesday.

Positive Security researchers “stumbled upon” the vulnerabilities when they were looking for a way to bypass Teams’ Electron’s Same-Origin Policy (SOP), he wrote in the report. SOP is a security mechanism of browsers that aims to prevent websites from attacking each other.

Researchers discovered that one potential way to bypass the SOP in Teams is to abuse the link preview feature by letting the client generate a link preview for the target page, and then using the summary text or performing optical character recognition (OCR) on the preview image to extract information.
 
