Squirrel Exploit Leaves Microsoft Teams Vulnerable to Privilege Escalation


Microsoft’s collaboration platform Teams has a vulnerability that allows any user to insert malicious code into the application; gifting control while escalating privileges.

Researchers have found that the Microsoft Teams vulnerability can be manipulated by executing an update command in the desktop version of the application.

(Microsoft Teams is a collection of enterprise collaboration tools, comprising Office 365, a SharePoint Online site and a document library to store team files.)

This issue also affects the desktop versions of WhatsApp, UiPath and GIthub, however in their case the vulnerability can only be used to download a payload.

Click on a tab to select how you'd like to leave your comment

Leave A Reply

Your email address will not be published.