Impact of Microsoft Teams Vulnerabilities on Windows 11 Workstations

Rohit Dua - 01 0 Reputation points
2026-06-25T11:34:08.41+00:00

Hi Team,

We are using about 100+ windows 11 workstations which are impacted with these three CVE's CVE-2023-4863 - Microsoft Teams Heap Buffer Overflow Vulnerability for Sep 2023, CVE-2023-29328 and CVE-2023-29330 - Microsoft Teams Remote Code Execution (RCE) Vulnerability for August 2023. We would like to know the impact if we do not update Microsoft Teams for the users who are local admins and rarely logged in and use the application on those devices.

Regards

Microsoft Teams | Microsoft Teams for business | Other
0 comments No comments

1 answer

Sort by: Most helpful
  1. Julie Huynh 1,530 Reputation points Independent Advisor
    2026-06-25T12:45:58.04+00:00

    Dear @Rohit Dua - 01,

    Good day! Welcome to Microsoft Q&A forum!

    Based on your description, I understand that your organization has over 100 Windows 11 workstations affected by Microsoft Teams vulnerabilities (CVE-2023-4863, CVE-2023-29328, and CVE-2023-29330), and you’re assessing the impact of not updating Teams on devices used infrequently by local admin users.

    With the nature of these vulnerabilities, it is generally recommended to update Microsoft Teams across all devices, even if usage is infrequent or limited to local admin users. While less frequent use may reduce exposure, it does not remove the risk. These vulnerabilities include remote code execution scenarios, which can still be triggered when the application is opened and interacting with content.

    Therefore, some of the suggestions for this situation would be:

    • Update Microsoft Teams to the latest version on all workstations (including rarely used ones)
    • Remove any outdated Teams installations from inactive profiles
    • Review and minimize local administrator access where possible
    • Ensure endpoint protection is enabled and up to date

    Even for rarely used systems, leaving known high-severity vulnerabilities unpatched can create long-term exposure, especially when devices reconnect to the network after extended periods.

    I hope it helps clarify this matter.

    Kindly let me know when there are updates or if you need further assistance. Any updates you’re able to share would be really helpful.

    Thank you for your time and patience.


    If you have extra questions about this answer, please click "Comment". 

    Note: Please follow the steps in [our documentation] to enable e-mail notifications if you want to receive the related email notification for this thread. 

    Was this answer helpful?

    0 comments No comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.