A new attack technique called “GIFShell” enables cybercriminals to exploit Microsoft Teams to carry out phishing attacks and then execute remote code and steal information. All of this is achieved through animated GIF images.
Attackers can exploit different vulnerabilities in Microsoft Teams by slipping malicious files in with the images. Because the traffic passes through Microsoft servers, it is harder for antivirus software to detect, since a file from that origin is mostly considered legitimate.
The severity of this vulnerability arises from the exploitation of several vulnerabilities at once. Because received messages are stored on the computer, malware can be stored there as well, hidden in a file that contains a link.
For its part, Microsoft has not commented on when an update that could mitigate this vulnerability will be released. This is due to the complexity of implementing these changes.
Source: Bleeping Computer