The Gaming Boardroom

Researchers warn of flaws that allow manipulation of Microsoft Teams messages

Steve Tyler Leave a comment

Researchers warn of flaws that allow manipulation of Microsoft Teams messages

Summary

Check Point Research has disclosed four vulnerabilities in Microsoft Teams that could let attackers alter messages, spoof notifications, change display names in private chats and falsify caller identities in audio/video calls. Microsoft tracked one issue as CVE-2024-38197 and has been issuing fixes through 2024 and 2025; the most recent updates addressed audio and video message issues. The flaws could be exploited by external hackers or malicious insiders to support social engineering, vishing and business email compromise (BEC) attacks against organisations and executives.

Key Points

  • Check Point uncovered four distinct Teams flaws enabling message manipulation, notification spoofing and identity forging in calls.
  • An attacker could edit messages without leaving an “edited” marker, hiding changes to conversation history.
  • Notification content and sender fields could be manipulated so alerts appear to come from someone else.
  • Display names in private chats and caller identities in audio/video sessions could be altered, aiding impersonation attacks.
  • Microsoft issued guidance for CVE-2024-38197 and has deployed layered fixes; recent patches focused on audio/video vulnerabilities.

Content summary

Researchers at Check Point identified four vulnerabilities that, in combination, let attackers tamper with Teams messages and impersonate users across notifications, chats and calls. The practical outcomes include altered message content without traceable markers, forged notifications that misattribute senders, changed display names in private chats and faked caller IDs in meetings or calls.

Teams is widely used in enterprise environments (over 320 million users), making these flaws particularly risky for organisations that rely on it for sensitive communications. Check Point said fixes required adding multiple logic layers to the Teams platform; Microsoft has tracked at least one issue as CVE-2024-38197 and rolled out related mitigations through 2024 and into 2025.

Context and relevance

This matters because attackers increasingly use social engineering, vishing and BEC attacks to target executives and privileged accounts. Manipulable messaging and caller identity features make it far easier for adversaries to craft convincing fraudulent requests or disinformation that appears authentic within enterprise workflows. For security teams, the finding underscores the need for robust patch management, multi-factor authentication, monitoring for anomalous message edits or call metadata and educating users to verify requests through secondary channels.

Author style

Punchy: This is not a minor UI bug — it’s a vector that helps attackers convince people to act. If you manage comms, security or exec protection, the details here are worth a proper look.

Why should I read this?

Short and real: if you run Teams or work with execs, this piece tells you there were practical ways to fake messages and calls — and that Microsoft has been patching them. Read it so you know the exact risks and can check your patch status, MFA settings and staff guidance. We’ve cut through the tech-speak so you don’t have to dig through the full report unless you need to.

Source

Source: https://www.hrdive.com/news/researchers-flaws-manipulation-microsoft-teams-messages/804674/

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2026 The Gaming Boardroom. All rights reserved.