{"id":36460,"date":"2020-08-05T16:25:00","date_gmt":"2020-08-05T16:25:00","guid":{"rendered":"https:\/\/www.darkreading.com\/attacks-breaches\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/d\/d-id\/1338583"},"modified":"2020-08-05T16:25:00","modified_gmt":"2020-08-05T16:25:00","slug":"microsoft-teams-vulnerable-to-patch-workaround-researchers-report","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/","title":{"rendered":"Microsoft Teams Vulnerable to Patch Workaround, Researchers Report"},"content":{"rendered":"<header><\/header>\n<p><span class=\"strong black\">Attackers could work around an earlier patch and use Microsoft Teams Updater to download binaries and payloads.<\/span><\/p>\n<p class>Security researchers have discovered a way to use the Microsoft Teams Updater to download malware, bypassing a patch released earlier this year and flying under security teams&#8217; radar.<\/p>\n<p>This method would let an attacker use Microsoft Teams Update[.]exe as a living-off-the-land binary (LOLbin). Living off the land is an especially dangerous technique as it uses known, common tools to download and execute malware from a location of the attackers&#8217; choosing.<\/p>\n<p>&#8220;You can use that binary to download any arbitrary binary that you want,&#8221; says Karl Sigler, senior security research manager at Trustwave SpiderLabs. Teams is appealing software for living-off-the-land attacks because it&#8217;s likely already installed on potential victims&#8217; systems. Furthermore, Teams traffic is usually so noisy that it&#8217;s easy for malicious traffic to evade detection.<\/p>\n<p>SpiderLabs&#8217; Reegun Jayapaul discovered a vulnerability enabling this attack vector last year. He found Teams could download via HTTP or HTTPS, meaning attackers could point to the web server where their payload was hosted and download directly from there. Microsoft issued a fix to prevent HTTP functionality so Teams could only download updates via local shares provided by the administrative team.<\/p>\n<p>The problem, he recently found, was Microsoft&#8217;s patch was not complete. Even though HTTP and HTTPS were eliminated as download options, an attacker could work around the fix by pointing to a remote Server Message Block (SMB) share. The attacker could set up a Samba server, which could be available via SMB, and point to the UNC share to download any arbitrary binary they want.<\/p>\n<p>&#8220;It&#8217;s a vulnerability in how Teams downloads updates that would allow an attacker to potentially download their own payload instead of a legitimate update from Teams,&#8221; Sigler says. To exploit it, an attacker would first need to get the malicious file inside the network in an open shared folder, then access the payload from that share to the victim machine.<\/p>\n<p>The first step in <a href=\"https:\/\/www.trustwave.com\/en-us\/resources\/blogs\/spiderlabs-blog\/microsoft-teams-updater-living-off-the-land\/\" target=\"_blank\" rel=\"noopener noreferrer\">Jayapaul&#8217;s research process<\/a> was setting up a remote Samba server for remote, public access. Samba is open source software typically installed on a Linux system, Sigler notes, and it allows the system to provide a share to a Windows network. Attackers would need to post their payload to the Samba server.<\/p>\n<p>&#8220;The payload needs to be constructed like a Windows Update, so the attacker would have to do a little bit of prep ahead of time in order to create the package properly, so it looks like an update for Teams,&#8221; Sigler explains. If someone had access to a Teams package from Microsoft&#8217;s website, they could open it up, remove the updater, add the payload, and recompress it.<\/p>\n<p>With the Samba server set up and the package created, it&#8217;s just a matter of finding a foothold, he continues. Intruders may get in via phishing attack, user interaction, or another exploit. From there, they would use Teams as a downloader to bring in the payload and expand their access.&nbsp;<\/p>\n<p>&#8220;We have a legitimate binary on the system \u2014 Microsoft Teams \u2014 that we can use as that component,&#8221; Sigler says. &#8220;It won&#8217;t be flagged by any administrator because it&#8217;s legitimate software for the network. \u2026 [You] don&#8217;t need any sort of privilege escalation, don&#8217;t need anything but access to that victim&#8217;s account on the target system to download it.&#8221;<\/p>\n<p>Trustwave reached out to Microsoft as part of its responsible disclosure process. Microsoft said that this is a design issue and it does not plan to issue a patch because many of its customers distribute updates via UNC share.&nbsp;<\/p>\n<p>The company does recommend other workarounds, says Sigler. Businesses can lock down their registry so attackers can&#8217;t add the SMB server as an authenticated server to download updates from, which would be one of the steps an attacker would have to complete in order to successfully pull off this attack. There are also standard best practices, Sigler adds. These include limiting SMB in and out of your perimeter network. If your firewall is blocking SMB out of your network, then an attacker can&#8217;t point to a remote share to download malware.<\/p>\n<p>Sigler also advises monitoring networks for Teams update activity, which can flag if this sort of attack is occurring on the network.<\/p>\n<p><strong>Related Content:<\/strong><\/p>\n<div readability=\"9.4217391304348\">\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUAL-BLACKHAT-VPLUG_468x60.png\" alt width=\"468\" height=\"60\"><\/p>\n<p><em><strong>&nbsp;<\/strong><\/em><\/p>\n<p><em><strong>&nbsp;<\/strong><\/em><\/p>\n<p><em><strong>Register now for this year&#8217;s fully virtual Black Hat USA, scheduled to take place August 1\u20136, and get more information about the event on the Black Hat website. Click for details on <a href=\"https:\/\/www.blackhat.com\/us-20\/\" target=\"_blank\" rel=\"noopener noreferrer\">conference information<\/a>&nbsp;and <a href=\"https:\/\/blackhat.informatech.com\/usa\/2020\/\" target=\"_blank\" rel=\"noopener noreferrer\">to register<\/a>.<\/strong><\/em><\/p>\n<\/div>\n<p><span class=\"italic\">Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance &amp; Technology, where she covered financial &#8230; <a href=\"https:\/\/www.darkreading.com\/author-bio.asp?author_id=837\">View Full Bio<\/a><\/span><\/p>\n<p><strong>Recommended Reading:<\/strong><\/p>\n<p><span class=\"smaller strong red allcaps\">More Insights<\/span><\/p>\n<p>Read More <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/d\/d-id\/1338583?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Attackers could work around an earlier patch and use Microsoft Teams Updater to download binaries and payloads. Read More <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/d\/d-id\/1338583?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-36460","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Microsoft Teams Vulnerable to Patch Workaround, Researchers Report 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft Teams Vulnerable to Patch Workaround, Researchers Report 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-08-05T16:25:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUAL-BLACKHAT-VPLUG_468x60.png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Microsoft Teams Vulnerable to Patch Workaround, Researchers Report\",\"datePublished\":\"2020-08-05T16:25:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\\\/\"},\"wordCount\":826,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/VIRTUAL-BLACKHAT-VPLUG_468x60.png\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\\\/\",\"name\":\"Microsoft Teams Vulnerable to Patch Workaround, Researchers Report 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/VIRTUAL-BLACKHAT-VPLUG_468x60.png\",\"datePublished\":\"2020-08-05T16:25:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\\\/#primaryimage\",\"url\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/VIRTUAL-BLACKHAT-VPLUG_468x60.png\",\"contentUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/VIRTUAL-BLACKHAT-VPLUG_468x60.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft Teams Vulnerable to Patch Workaround, Researchers Report\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft Teams Vulnerable to Patch Workaround, Researchers Report 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft Teams Vulnerable to Patch Workaround, Researchers Report 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-08-05T16:25:00+00:00","og_image":[{"url":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUAL-BLACKHAT-VPLUG_468x60.png","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Microsoft Teams Vulnerable to Patch Workaround, Researchers Report","datePublished":"2020-08-05T16:25:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/"},"wordCount":826,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUAL-BLACKHAT-VPLUG_468x60.png","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/","url":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/","name":"Microsoft Teams Vulnerable to Patch Workaround, Researchers Report 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUAL-BLACKHAT-VPLUG_468x60.png","datePublished":"2020-08-05T16:25:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/#primaryimage","url":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUAL-BLACKHAT-VPLUG_468x60.png","contentUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/VIRTUAL-BLACKHAT-VPLUG_468x60.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/microsoft-teams-vulnerable-to-patch-workaround-researchers-report\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft Teams Vulnerable to Patch Workaround, Researchers Report"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36460","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=36460"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/36460\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=36460"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=36460"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=36460"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}