Scope of impact: This issue may have potentially impacted any user with Microsoft Teams installed on an Android device. We've confirmed that no further unexpected notifications are being sent to users' Android devices. Our investigation shows no indication that these messages were malicious in nature however, we recommend dismissing any of these notifications that were received during the event without interacting with them.įinal status: We've isolated the source of the issue and applied a mitigation. More info: Users may have received notifications that stated: "FCM Messages : Test Notifications" or other similar variations of this message. User Impact: Users were receiving unexpected notifications via Teams on their Android mobile devices. Latest message: Title: Some users may receive unexpected Test notifications on their Android devices User impact: Users were receiving unexpected notifications via Teams on their Android mobile devices. Start time: Aug1:30 PM, End time: Aug11:55 PM TM221041, Microsoft Teams, Last updated: Aug12:58 AM Some users may receive unexpected Test notifications on their Android devices There is a Google Hangout support thread that's going on since past two days on the same question: ⚠️ Some people are now reporting that they are receiving messages "FCM test notificationsss" which seems more suspicious! More Update:1:55 pm, Thursday, 27 August 2020, Greenwich Mean Time (GMT) Who knows there would be more App being impacted. Though the alert messages seem harmless and can be ignored for now until we get clarification from big giants like Google and Microsoft. These messages seems related and linked to the reported FCM vulnerability. FCM is used by many Apps to deliver push notifications. There was a recent vulnerability reported for Firebase Cloud Messaging (FCM), allowing to exploit FCM keys stored in APK files in order to broadcast messages to anyone using a Firebase based application. App opens normally and does not redirect anywhere, just opens the respective Teams/Hangouts App.Clicking the notification card opens the App.Sudden FCM messages popup on mobile phone.Testing Notifcation from Microsoft to investigate this problemĬlicking on the notification open up the respective App. Many people using Microsoft Teams and Google Hangouts have reported that they have received multiple strange alters in form of push notification on their Android/iOS mobile devices. "Notifcation" which definitely makes it more suspicious! This is mostly probably linked to some Firebase exploit. If yiy watch closely the spelling of Notifation is incorrect. Now we have ROUND 2 of such messages, most of us would be getting messages like - "Testing Notifcation from Microsoft to investigate this problem". Further updates will be provided under the SI TM221041 in your admin center. We're investigating an issue where users are receiving Test notifications on their mobile devices. ⚡️ Official word from Microsoft on twitter: Microsoft Teams FCM Message Screenshot Lates Update:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |