SecTeer VulnDetect & PatchPro Support Forum VulnDetect
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Download VulnDetect Installer
    • Login

    [Solved] Microsoft Teams - No longer detected (Bug)

    Scheduled Pinned Locked Moved Solved Detection Issues
    app-detectionbug
    5 Posts 2 Posters 791 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • OLLI_SO Offline
      OLLI_S Community Moderator
      last edited by OLLI_S

      Microsoft Teams was detected in the past but currently it is no longer detected.

      Here the information extracted from the EXE file:

      File name and path:     C:\Users\melan\AppData\Local\Microsoft\Teams\current\Teams.exe
Product Name:           Microsoft Teams
Internal Name:          Teams
Original Filename:      Teams.exe

File Description:       Microsoft Teams
Company:                Microsoft Corporation
Legal Copyright:        Copyright (C) 2016 Microsoft. All rights reserved.
Legal Trademarks:       
Comments:               

File Version String:    1.5.00.9163
File Version:           1.5.0.9163
Product Version String: 1.5.00.9163
Product Version:        1.5.0.9163
      T 1 Reply Last reply Reply Quote 0
      • T Offline
        Tom VulnDetect Team Member @OLLI_S
        last edited by

        @OLLI_S I checked your account, there is one installation on a PC under your user.

        I can't see any Teams installations on other PCs or for other users.

        Can you send a PM with the host name?

        Thinking about it, there might be a natural explanation for this, which I can't check in any easy way. In the latest agent versions, we look at active users, and we only show apps that are installed under \Users\<username>\ if the user has been active within the past 7 days.

        So if the user you refer to hasn't used the PC for a long time, then the apps for that user will be hidden, even if the PC is online.

        Once the user becomes active again, the results are included (and updated) on subsequent inspections.

        /Tom
        Download the latest SecTeer VulnDetect agent here:
        https://vulndetect.com/dl/secteerSetup.exe

        OLLI_SO 1 Reply Last reply Reply Quote 0
        • OLLI_SO Offline
          OLLI_S Community Moderator @Tom
          last edited by

          @Tom Is this procedure not a possible security risk?
          Many apps install themselves in user content and if the user is not online for a week, then admins will never get the info, that there are known vulnerabilities on the machine....
          I think this is very risky.

          To test this, I logged in on the target machine as the target user (see PMs in the chat).
          Then I started a full system scan (twice).

          But Microsoft Teams is still not shown!

          T 1 Reply Last reply Reply Quote 0
          • T Offline
            Tom VulnDetect Team Member @OLLI_S
            last edited by Tom

            @OLLI_S I pushed that host to our "test" inspection processor (SCHME) and analysed the processing logs.

            The issue was that there are multiple Teams.exe files, and in rare cases, a temporary file created by the Microsoft Teams updater, got elected as the parent. But another rule set, dictates that all these temporary files should be "discarded", thus this temporary file and all it's "children" vanished.

            I've changed the logic of the bundling, so this temporary file always will be a child (if it exists). When the temporary file is discarded by the other rule set, then it won't affect the results that you and other users see.

            This was a good "catch".

            Thank you!

            (this also means that it wasn't related to the user being inactive)

            /Tom
            Download the latest SecTeer VulnDetect agent here:
            https://vulndetect.com/dl/secteerSetup.exe

            1 Reply Last reply Reply Quote 0
            • OLLI_SO Offline
              OLLI_S Community Moderator
              last edited by

              Microsoft Teams Desktop Client is now shown.
              Thank you @Tom for fixing this!

              1 Reply Last reply Reply Quote 0
              • OLLI_SO OLLI_S moved this topic from Detection Issues on
              • First post
                Last post
              Download SecTeer Personal VulnDetect - an alternative to the long lost Secunia PSI

              Please see our Privacy and Data Processing Policy
              Sponsored and operated by SecTeer | VulnDetect is a replacement for the EoL Secunia PSI
              Forum software by NodeBB