Researchers Warn of Eye-Opening Vulnerabilities Within Microsoft Teams; Patched as of Now
Impersonation, text edits, and whatnot
These days you never know which platform or website attackers are trying to break into. Thankfully, there are some awesome cybersecurity companies that keep tabs on all these loopholes. Now, a fresh report from one of those, Check Point Research, has detailed multiple security flaws in Microsoft Teams.
In a report published yesterday, Check Point Research details multiple ways attackers can alter chat content, forge identities, and steal display names. This eventually lets attackers have access to your chats and alter conversations without users realizing it. Given the platform’s 320 million active users, it’s quite an eye-opening finding.
The report mentions that “invisible message editing” is one of the major concerns in the context of Microsoft Teams. Here’s what the report says about this flaw:
By reusing unique identifiers in the Teams messaging system, attackers could alter the content of previously sent messages—without triggering the standard “Edited” label. The result: a silent rewrite of history. Sensitive conversations could be modified after the fact, eroding confidence in records and decisions.
The report also warns users about another loophole that involves spoofed notifications, where alerts appeared to come from known executives. Here’s what the report says about this issue:
Notifications, whether on mobile or desktop, are designed to capture immediate attention. Check Point Research found that attackers could manipulate notification fields so that an alert appears to come from a trusted executive or colleague.

The cybersecurity company also identified a vulnerability that “allows an attacker to change the displayed name in private chat conversations by modifying the conversation topic. Both participants see the altered topic as the conversation name, potentially misleading them about the conversation’s context.”
Last but not least, the report talks about how attackers forge caller identity during voice and video calls. Explaining how attackers do it, Check Point Research notes that “the display name used in call notifications (and later on during call itself) could be arbitrarily modified through specific manipulations of call initiation requests.”

Fortunately, Microsoft has since addressed these vulnerabilities, tracked as CVE-2024-38197. The company reportedly pushed updates between 2024 and October 2025.
However, Check Point Research warns that the implications go beyond Teams and urges companies to adopt layered security strategies. They can do so via malware protection, DLP, and anomaly detection across all communication platforms.
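One way to put the anomaly-detection advice to work against the "invisible message editing" issue described above, as an added example that is not from Check Point's report or from Microsoft: compare periodic exports of a chat archive and flag any message whose body changed while its edited marker stayed unset. The record layout and field names (`snapshot`, `message_id`, `edited`, `body`) are assumptions for illustration, not a Teams schema, and the sample records are constructed.

```python
import hashlib

# Constructed sample: two periodic exports of the same chat archive.
# Field names are hypothetical; adapt them to whatever your archive emits.
SNAPSHOTS = [
    {"snapshot": 1, "message_id": "m-100", "edited": False, "body": "Approve vendor A"},
    {"snapshot": 1, "message_id": "m-101", "edited": False, "body": "Meeting at 3pm"},
    {"snapshot": 2, "message_id": "m-100", "edited": False, "body": "Approve vendor B"},
    {"snapshot": 2, "message_id": "m-101", "edited": True, "body": "Meeting at 4pm"},
    {"snapshot": 2, "message_id": "m-102", "edited": False, "body": "Thanks"},
]


def body_digest(body):
    """Hash the body so the baseline can be stored without keeping chat text."""
    return hashlib.sha256(body.encode("utf-8")).hexdigest()


def find_silent_rewrites(records):
    """Return (message_id, earlier_snapshot, later_snapshot) for every message
    whose body changed between exports while 'edited' was still False."""
    last_seen = {}  # message_id -> (snapshot, digest)
    findings = []
    for rec in sorted(records, key=lambda r: r["snapshot"]):
        mid = rec["message_id"]
        current = body_digest(rec["body"])
        previous = last_seen.get(mid)
        # A changed body is expected only when the edit marker is set.
        if previous and previous[1] != current and not rec["edited"]:
            findings.append((mid, previous[0], rec["snapshot"]))
        last_seen[mid] = (rec["snapshot"], current)
    return findings


if __name__ == "__main__":
    for mid, before, after in find_silent_rewrites(SNAPSHOTS):
        print(f"{mid}: body changed between snapshot {before} and {after} "
              "with no edit marker")
```

A message that was legitimately edited once keeps its marker, so a later silent change to it will not be caught by the flag alone; storing the digest baseline outside the chat platform lets you diff those cases as well.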