(Updated) Interact with your favorite apps on Teams using Slash ( / ) Commands

🚨 The Signal: Teams introduces slash commands for apps, allowing users to invoke app functions directly from the compose box. This standardises app interaction but expands potential attack surface via third-party app functionality.

The Impact

All Teams users are affected by an increased risk of malicious app command execution and data exfiltration if unvetted third-party apps are enabled.

  • End users: Risk of inadvertently executing malicious app commands.
  • Security team: Increased attack surface from third-party app integrations.
  • App developers: Must update manifests to support new command functionality.
  • Admins: Need to review and manage app permissions more diligently.

The Action

  1. Review existing Microsoft Teams app governance policies for third-party applications.
  2. Audit currently installed Teams applications for their permissions and data access.
  3. Educate users on the risks associated with interacting with unverified app commands.
  4. Consider implementing app permission policies to restrict app capabilities.

Domain: Teams · Impact: medium · Workload: Teams