Tech giants are fighting to become the de facto videoconferencing tool for remote workers in the time of COVID-19. Zoom rose to the top fast, but thanks to various security and privacy issues, was pegged back by competitors. But rivals have their flaws too, as evidenced by a weakness discovered in Microsoft’s collaboration and videoconferencing tool Teams, as revealed on Monday.
For at least three weeks from the end of February till mid-March, a malicious GIF could’ve stolen user data from Microsoft Teams accounts, possibly across an entire company, and taken control of “an organization’s entire roster of Teams accounts,” cybersecurity researchers have warned.
The relevant vulnerability was patched on April 20th, meaning users are now safe from this specific attack. But it goes to show that it isn’t just Zoom that’s vulnerable to potentially cataclysmic vulnerabilities. Other videoconferencing tools that have become hugely popular amongst populations in COVID-19 lockdown can and will be targeted too. […]