Shulou(Shulou.com)11/24 Report--

CTOnews.com, June 27, JUMPSEC Security Analytics' Max Corbridge and Tom Ellson recently discovered a vulnerability in the latest version of Microsoft Teams that allows hackers to bypass client security controls, invade other teams, and send malicious programs with Trojans to team members.

Microsoft Teams allows any user with a Microsoft account to establish a "business or organization," JUMPSEC said. Users in one organization can send messages to users in another organization.

The JUMPSEC team of ▲ source JUMPSEC security analytics thought there was a loophole in the logic. It took them 10 minutes to bypass security controls and send malicious programs with Trojans to users of other organizations.

CTOnews.com, a ▲ source JUMPSEC security analyst, notes that Microsoft has so far acknowledged the vulnerability, but has not yet begun to fix it. JUMPSEC said that for security reasons, Microsoft Teams users can directly disable the option in the settings to prevent hackers from using the vulnerability to send malicious programs to the team.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.