- Microsoft Teams flaws allowed message edits, spoofed alerts, and forged caller identities
- Attackers could exploit these bugs for phishing, wire fraud, and malware delivery
- Microsoft patched CVE-2024-38197; no user action needed post-October 2025 fixes
Experts have found Microsoft Teams contained multiple vulnerabilities whioch allowed threat actors to edit messages, spoof notifications, and change user names, opening it up for different phishing and social engineering attacks, putting users at risk of data theft, wire fraud, and malware/ransomware infections.
In a new report, experts from Check Point Research detailed the flaws in the popular online collaboration platform, noting the attackers could reuse unique identifiers in the Microsoft Teams messaging system, altering the content of previously sent messages without triggering the “Edited” label.
“Sensitive conversations could be modified after the fact, eroding confidence in records and decisions,” the team warned.
Twisting the mechanics of trust
The researchers noted both mobile and desktop notifications could be manipulated to seem as if an alert was coming from a trusted executive, or colleague, which could easily be used in phishing attacks.
Furthermore, they found a way to change the displayed name in private chat conversations, by modifying the conversation topic. “Both participants see the altered topic as the conversation name, potentially misleading them about the conversation’s context.”
Finally, they found that the display name used in call notifications (and later on the call), could be modified through “specific manipulations of call initiation requests”, allowing attackers to forge caller identities.
“Attackers can twist the very trust mechanisms that make Teams effective, turning collaboration into an attack vector,” Check Point said, warning about these flaws being exploited in phishing attacks.
To combat the threat, Microsoft first labeled the flaws as CVE-2024-38197, and rolled out a “series of fixes” which concluded in October 2025. At press time, all of the flaws have been addressed and no action from the users is required.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
