Microsoft Teams: Teams Town hall screen management privileges in Teams Rooms on Windows

🚨 The Signal: Teams Rooms on Windows can now manage Town Hall events as co-organizers or presenters. This expands control over live events, including attendee visibility and presenter promotion, potentially increasing the attack surface for unauthorized event manipulation.

The Impact

Teams event organizers and security teams are affected by new delegation capabilities, creating a risk of unauthorized event control if not properly managed.

• Event Organizers: Risk of unauthorized event control if co-organizer/presenter roles are misused.
• Security Teams: Need to review and update policies for Teams Town Hall role assignments.
• IT Admins: Must ensure Teams Rooms are configured securely and roles are assigned judiciously.

The Action

1. Review existing Teams Town Hall policies for co-organizer and presenter role assignments.
2. Educate event organizers on the new capabilities and the importance of secure role delegation.
3. Implement a 'least privilege' approach when assigning Teams Rooms as co-organizers or presenters in Town Halls.

Domain: Teams · Impact: medium · Workload: Teams · Essential Eight: Restrict Administrative Privileges · ISM: ISM-0445, ISM-1175, ISM-1380, ISM-1507, ISM-1508, ISM-1509, ISM-1647, ISM-1648, ISM-1650, ISM-1686, ISM-1688, ISM-1689, ISM-1883, ISM-1897, ISM-1898