- Microsoft Teams flaws allowed message edits, spoofed alerts and spoofed caller IDs
- Attackers could exploit these bugs for phishing, wire fraud, and malware distribution.
- Microsoft fixed CVE-2024-38197; no user action required after October 2025 patches
Experts discovered that Microsoft Teams contained multiple vulnerabilities that allowed malicious actors to edit messages, spoof notifications, and change usernames, opening it to different phishing and social engineering attacks, putting users at risk of data theft, wire fraud, and malware/ransomware infections.
In a new report, Check Point Research experts detailed flaws in the popular online collaboration platform, noting that attackers could reuse unique identifiers in the Microsoft Teams messaging system, thereby changing the content of previously sent messages without triggering the “Modified” label.
“Sensitive conversations could be changed after the fact, eroding trust in files and decisions,” the team warned.
Distorting the mechanisms of trust
Researchers noted that mobile and desktop notifications could be manipulated to make it appear as if an alert was coming from a trusted executive or colleague, which could easily be used in phishing attacks.
Additionally, they found a way to change the name displayed in private chat conversations, by changing the subject of the conversation. “Both participants see the changed subject as the name of the conversation, which could mislead them about the context of the conversation.”
Finally, they discovered that the display name used in call notifications (and later during the call) could be changed by “specific manipulations of call initiation requests”, allowing attackers to spoof the identity of the caller.
“Attackers can distort the trust mechanisms that make Teams effective, turning collaboration into an attack vector,” Check Point said, warning against exploiting these flaws in phishing attacks.
To combat the threat, Microsoft first labeled the flaws as CVE-2024-38197 and rolled out a “fix series” that ended in October 2025. As of press time, all of the flaws have been fixed and no user action is required.
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
