From securityaffairs.co
Security experts from Trustwave detailed the Living Off the Land technique that could allow a threat actor to abuse the MS Teams Updater to download any binary or malicious payload from a remote server.
The bad news is that the issue could not be easily addressed because it is a design flaw.
The solution previously proposed to address the Teams issue consists in restricting its ability to update via a URL. Instead, the updater allows local connections via a share or local folder for product updates.