Microsoft Teams Vulnerabilities Expose Users to Impersonation and Social Engineering Attacks

Cybersecurity researchers have revealed four critical vulnerabilities in Microsoft Teams that could have allowed attackers to impersonate colleagues, manipulate messages, and carry out social engineering attacks on users.

The flaws, discovered by Check Point Research, enabled threat actors to alter conversations, spoof sender identities, and exploit notifications to make malicious messages appear as if they came from trusted sources, including senior executives.

According to Check Point’s report, the issues were responsibly disclosed to Microsoft in March 2024. Microsoft addressed some of them in August 2024 under CVE-2024-38197, with additional security patches released in September 2024 and October 2025.

How the Microsoft Teams Vulnerabilities Worked

Researchers found that the vulnerabilities made it possible to:

  • Edit message content without showing the “Edited” label.
  • Change sender identity in both chat and notifications.
  • Modify display names in private chats, calls, and call notifications.

These flaws could allow attackers to trick employees into clicking malicious links, sharing confidential data, or granting unauthorized access, posing significant risks to both internal and external communications.

Microsoft’s Response

Microsoft categorized CVE-2024-38197 as a medium-severity spoofing vulnerability (CVSS score: 6.5) affecting Teams for iOS. The flaw could enable attackers to modify a sender’s name and conduct social engineering attacks to extract sensitive information.

In a recent security advisory, Microsoft emphasized that Microsoft Teams’ widespread adoption and extensive collaboration features make it a prime target for cybercriminals and state-sponsored actors. Attackers have increasingly exploited Teams’ chat, calls, and screen-sharing functions as part of broader phishing and impersonation campaigns.

Industry Insight

Oded Vanunu, Head of Product Vulnerability Research at Check Point, highlighted the growing risk of trust-based attacks:

“These vulnerabilities hit at the heart of digital trust. Collaboration platforms like Teams are now as critical as email — and just as exposed,” said Vanunu.
“Threat actors don’t need to break in anymore; they just need to bend trust. Seeing isn’t believing anymore — verification is.”

Protecting Against Teams Exploits

Organizations are advised to:

  • Apply the latest Microsoft Teams updates and patches immediately.
  • Educate employees about impersonation and phishing risks.
  • Implement advanced threat protection tools and zero-trust verification for collaboration platforms.

As the reliance on Microsoft Teams continues to grow across enterprises, these findings underscore the importance of vigilance, patch management, and digital trust protection in modern communication environments.

November 4th, 2025 | Cybersecurity, Data Protection, vulnerability

About the Author: FirstHackersNews - Identifies Security