Security News Microsoft Authenticator could leak login codes—update your app now

[Brownie2019]

Content source

https://www.malwarebytes.com/blog/news/2026/03/microsoft-authenticator-could-leak-login-codes-update-your-app-now

A vulnerability in Microsoft Authenticator for both iOS and Android (CVE-2026-26123) could leak your one-time sign-in codes or authentication deep links to a malicious app on the same device.

Deep links are predefined URIs (Uniform Resource Identifiers) that allow direct access to an activity in a web or mobile application when clicked. In simple terms, they are specifically constructed links used to open an app and complete actions like signing in.

Microsoft Authenticator is a mobile app that generates time-based one-time codes and handles sign-in links and QR-based logins for Microsoft and other accounts. It is widely used for multi-factor authentication (MFA) on personal phones, including BYOD (Bring Your Own Device) devices that protect access to corporate and production services.

Read more:

Microsoft Authenticator could leak login codes—update your app now

A bug in Microsoft Authenticator on Android and iOS could allow malicious apps on the same device to intercept authentication codes or sign-in links.

www.malwarebytes.com

 

[blackice]

My Authenticator updated automatically yesterday on iOS.

 

[Halp2001]

Microsoft Authenticator – Critical Update The latest version of the app already fixes the CVE-2026-26123 vulnerability, which could leak login codes and authentication links. However, the rollout on Google Play and App Store is gradual by region and device, so some users may still see earlier versions such as 6.2602.0889.

Recommendation:

• Check the version installed on your phone.
• If the update option hasn’t appeared yet, wait a few days, as the patch is being released progressively.
• Keeping security apps up to date is essential to protect both personal and corporate accounts.
• 

 

[blackice]

Microsoft Authenticator – Critical Update The latest version of the app already fixes the CVE-2026-26123 vulnerability, which could leak login codes and authentication links. However, the rollout on Google Play and App Store is gradual by region and device, so some users may still see earlier versions such as 6.2602.0889.

Recommendation:

• Check the version installed on your phone.
• If the update option hasn’t appeared yet, wait a few days, as the patch is being released progressively.
• Keeping security apps up to date is essential to protect both personal and corporate accounts.
• 

What is the latest version? The article doesn’t say that I can see.

 

[Halp2001]

What is the latest version? The article doesn’t say that I can see.

The latest version available on Android is 6.2603.1485, released on March 10, 2026.
For iOS users, the latest version available in the App Store is 6.8.43 (released around March 11-12, 2026).

 

[Wrecker4923]

The CVE said March 10th, matching some other sites.

 

[MWTSenior]

That should not happen at least with authenticator apps.