Microsoft Teams B2B Guest Access Flaw Exposes Organizations to Phishing and Malware Risks
November 28, 2025
Experts urge immediate action: restrict guest invitations to explicitly trusted domains and configure Teams to block B2B connections from unknown domains, prioritizing configuration changes over patches.
The Hacker News has sought comment from Microsoft; no official response had been received at the time of writing.
A combination of permissive guest invitations and a new default chat capability heightens the risk of phishing, malware delivery, data exfiltration, and large-scale social engineering across organizations.
If a victim accepts a guest invite, the attacker can carry out phishing or malware distribution inside the attacker-controlled tenant without triggering the victim organization’s security controls.
The flaw in Microsoft Teams B2B Guest Access lets attackers bypass a company’s Defender protections when users engage with external partners, because Defender policies are enforced by the hosting tenant rather than by the user’s home organization.
Researchers warn of a cross-tenant blind spot: protections are determined by the hosting tenant, not the user’s home organization.
Industry voices frame this as an architectural/configuration vulnerability, not a simple bug, requiring policy and tenant configuration changes to curb risky guest access.
Microsoft is rolling out a feature, enabled by default, that lets any email address start a chat, including with non-Teams users; organizations can disable it via policy but cannot fully block received invitations.
Accepting a guest invite moves a user out of home security controls, disabling protections like Safe Links and Zero-hour Auto Purge, allowing attackers to create accounts with minimal setup and few safeguards.
A November 2025 default enables chats with any email, including non-Teams users, making it easy to send invitations that land victims in unprotected environments.
Invitations originate from Microsoft infrastructure, reducing the effectiveness of SPF/DKIM/DMARC checks and increasing phishing or malware risk if invites are accepted.
A hypothetical attacker could create a low-cost Microsoft 365 tenant (like Teams Essentials) without Defender for Office 365 and invite a victim to join as a guest, bypassing the victim’s defenses.
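The two mitigations the summary names, restricting guest invitations to explicitly trusted domains and blocking B2B connections to unknown tenants, can both be applied from PowerShell. The following is an added example, not code from either source article or from Microsoft. It assumes the Teams PowerShell module and the Microsoft Graph PowerShell SDK are installed, that the signed-in account holds the required admin roles, and that the partner domains and the partner tenant ID are placeholders to be replaced with real values; the cmdlet and parameter names are taken from those two modules as the editor understands them and should be checked against the installed module's help before use.

```powershell
# --- Part 1: Teams external access (federation) allow-list ---
# Assumed module: MicrosoftTeams. Replace the domains below with your trusted partners.
Connect-MicrosoftTeams

$trustedDomains = @("partner-a.example", "partner-b.example")   # placeholders

# Keep external access on, but only for the explicit allow-list;
# every other domain is implicitly blocked.
Set-CsTenantFederationConfiguration -AllowFederatedUsers $true `
    -AllowedDomainsAsAList $trustedDomains

# Also cut off chats from consumer (personal) Teams and Skype accounts,
# which are a cheap way to reach users outside their home protections.
Set-CsTenantFederationConfiguration -AllowTeamsConsumer $false `
    -AllowTeamsConsumerInbound $false -AllowPublicUsers $false

# Verify what is now in effect.
Get-CsTenantFederationConfiguration |
    Select-Object AllowFederatedUsers, AllowedDomains, AllowTeamsConsumer, AllowPublicUsers

# --- Part 2: Entra cross-tenant access settings (B2B collaboration) ---
# Assumed module: Microsoft.Graph (Identity.SignIns). The default policy applies
# to every tenant that has no explicit partner entry, i.e. the "unknown" tenants.
Connect-MgGraph -Scopes "Policy.ReadWrite.CrossTenantAccess"

$blockAllUsers = @{ accessType = "blocked"
                    targets    = @(@{ target = "AllUsers";        targetType = "user" }) }
$blockAllApps  = @{ accessType = "blocked"
                    targets    = @(@{ target = "AllApplications"; targetType = "application" }) }

# Outbound B2B collaboration = your users accepting guest invitations elsewhere.
# Blocking it by default is what keeps users from being moved into a tenant
# whose (absent) Defender policies you do not control.
Update-MgPolicyCrossTenantAccessPolicyDefault -B2BCollaborationOutbound @{
    usersAndGroups = $blockAllUsers
    applications   = $blockAllApps
}

# Re-enable outbound collaboration only for a named partner tenant.
$allowAllUsers = @{ accessType = "allowed"
                    targets    = @(@{ target = "AllUsers";        targetType = "user" }) }
$allowAllApps  = @{ accessType = "allowed"
                    targets    = @(@{ target = "AllApplications"; targetType = "application" }) }

$partnerTenantId = "00000000-0000-0000-0000-000000000000"   # placeholder: partner's tenant ID
New-MgPolicyCrossTenantAccessPolicyPartner -TenantId $partnerTenantId `
    -B2BCollaborationOutbound @{ usersAndGroups = $allowAllUsers; applications = $allowAllApps }

# Verify the default now blocks outbound collaboration.
(Get-MgPolicyCrossTenantAccessPolicyDefault).B2BCollaborationOutbound |
    ConvertTo-Json -Depth 5
```

Part 1 governs who can reach your users over Teams chat and calls; Part 2 governs whether your users can accept guest membership in another tenant at all. The two are independent, so both need to be set: a tight federation allow-list alone does not stop a user from accepting a guest invitation and being redirected into an unprotected tenant, which is the scenario the summary describes.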
Summary based on 2 sources
Sources

The Hacker News • Nov 28, 2025
MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants
Hackread - Cybersecurity News, Data Breaches, Tech, AI, Crypto and More • Nov 26, 2025
Microsoft Teams Flaw in Guest Chat Exposes Users to Malware Attacks