Saved February 14, 2026
Do you care about this?
Check Point Research identified critical vulnerabilities in Microsoft Teams that allow attackers to manipulate messages, spoof notifications, and impersonate users. Four specific types of attacks were detailed, highlighting the potential for business email compromise and identity fraud. Microsoft has issued fixes for these issues, but concerns remain about security.
If you do, here's more
Researchers from Check Point Research identified critical vulnerabilities in Microsoft Teams that can enable attackers to manipulate messages, spoof notifications, and impersonate users, including executives. They uncovered four specific flaws. First, attackers can edit messages without triggering the "edited" label that typically indicates a change. Second, they can manipulate message notifications to appear as though they come from a different sender. Third, display names in private chats can be altered, and fourth, caller identities in video and audio calls can be changed.
Microsoft Teams is widely used, with over 320 million users, making these vulnerabilities particularly concerning. The report highlights a growing trend of social engineering and vishing attacks targeting corporate leaders and public figures, where hackers exploit such weaknesses to spread disinformation or conduct business email compromise (BEC) attacks. Check Point noted that these vulnerabilities require significant fixes to the platform, each adding layers of logic to mitigate the problems.
Microsoft has tracked one of these vulnerabilities, specifically the notification spoofing issue, as CVE-2024-38197. They provided guidance on it last year and addressed other related flaws in October. The latest fixes, completed last month, focused on issues with audio and video messaging.