Cybersecurity researchers have identified a vulnerability in Microsoft Teams related to guest access that allows attackers to bypass Microsoft Defender protections. This flaw enables malicious actors to create unprotected environments and conduct stealthy attacks using external invitations. #MicrosoftTeams #GuestAccessVulnerability
Keypoints
- Attackers can exploit guest access in Microsoft Teams to bypass security protections.
- The new feature in Teams allows users to chat with anyone via email, increasing external collaboration risks.
- Microsoft Defender for Office 365 protections may not apply when a user joins an external tenant as a guest.
- Attackers can create malicious tenants with disabled safeguards using low-cost licenses.
- Organizations should restrict external collaboration settings and educate users about unsolicited invites.
Read More: https://thehackernews.com/2025/11/ms-teams-guest-access-can-remove.html