Microsoft Teams Can Be Used To Execute Arbitrary Payloads


Attackers can use genuine binaries from Microsoft Teams to execute a malicious payload using a mock installation folder for the collaboration software.

The problem affects most Windows desktop apps that use the Squirrel installation and update framework, which uses NuGet packages.

A list of impacted products, as tested by the security researcher that made the discovery, includes WhatsApp, Grammarly, GitHub, Slack, and Discord.

Read more…