Hackers can abuse Microsoft Teams updater to deliver malicious payloads

From securityaffairs.co

Security experts from Trustwave detailed the  Living Off the Land technique that could allow a threat actor to abuse the MS Teams Updater to download any binary or malicious payload from a remote server.

The bad news is that the issue could not be easily addressed because it is a design flaw.

The solution previously proposed to address the Teams issue consists in restricting its ability to update via a URL. Instead, the updater allows local connections via a share or local folder for product updates.

Read more…