Positive Security cybersecurity researchers found high severity vulnerabilities in Microsoft Teams. A flaw threatens the users of the platform with phishing attacks or distribution of malicious links.

Positive Security notified Microsoft about the problems back in March, but the international vendor has patched only one vulnerability. This refers to the vulnerabilities in the link preview feature: clicking on the preview opens a link different than the one the user expects.

This could be used either for phishing attacks or to hide malicious links, according to Positive Security. In addition, the company notes that Android users are at risk of IP address leaks because of these vulneranilities.

Source: securitylab.ru