Huidige implementatie van het updatemechanisme in de desktoptoepassing Microsoft Teams maakt downloaden naar het systeem en het uitvoeren van willekeurige bestanden mogelijk.
Problem also affects the desktop software GitHub, WhatApp En UiPath, maar staat alleen het laden van de payload toe.“Squirrel”, in its turn uses package manager NuGet to download necessary files.
Zoals beveiligingsonderzoekers hebben ontdekt, using the update command in vulnerable applications, you can download and execute code in the context of the current user. The same goes for ‘squirrel.exe‘.
In the case with Microsoft commands, the payload is added to the application folder and executed automatically using the Update.exe -bijwerken [url to payload] of squirrel.exe -update [url to payload] commando's.
Security researcher Reegun Richard notified Microsoft about the issue on June 4 dit jaar. Momenteel, the desktop application for Microsoft Teams is still vulnerable, since patch will arrive only in future releases.
Prior to release of the patch, Richard promises not to disclose the details of the problem. However researcher from the RingZer0 Team under the nick Mr. Un1k0d3r also discovered the problem and published the details.
Bron: https://medium.com
