Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Microsoft Teams desktop client rolls out separate calling process and new security controls

Security Tool/Service
First reported
Last updated
Happening score
H score 10
1 unique sources, 1 articles

Summary

Hide ▲

Microsoft Teams Desktop Client for Windows is rolling out ms-teams_modulehost.exe in January 2026, splitting calling features into a separate process and changing how the app is handled by endpoint security tools. The update is meant to improve call startup and meeting performance while reducing false-positive detections. Teams is also expanding protections against malicious URLs, malicious file types, and screen-capture attempts in meetings and chats.

Related Happenings

Microsoft Teams on macOS repeated location-prompt service disruption

Service Disruption
First: 19.05.2026 19:10 Last: 19.05.2026 19:10 Sources 1

About this happening: Microsoft confirmed a **Microsoft Teams on macOS** service disruption that causes **non-dismissible location prompts** for some users, interrupting normal app use for those who en...

Open Happening

KongTuke Microsoft Teams initial access campaign

Campaign
First: 14.05.2026 15:12 Last: 14.05.2026 15:12 Sources 1

About this happening: The **KongTuke** campaign now uses **Microsoft Teams** social engineering to gain persistent access to **corporate networks**, shortening initial compromise to **under five minute...

Open Happening

MuddyWater Microsoft Teams social-engineering campaign with Chaos ransomware decoy

Campaign
First: 06.05.2026 16:02 Last: 06.05.2026 16:02 Sources 1

About this happening: The **MuddyWater** campaign used **Microsoft Teams** social engineering and a **Chaos ransomware** decoy to gain access, steal credentials, and establish persistence. The operatio...

Open Happening

Microsoft Windows RDP security warning dialog rendering issue after April 2026 updates

Security Tool/Service
First: 28.04.2026 12:51 Last: 28.04.2026 12:51 Sources 1

About this happening: **Microsoft** confirmed that newly introduced **Windows security warnings** for opening **Remote Desktop (.rdp) files** can display incorrectly, reducing users' ability to review...

Open Happening

Snow malware suite deployment by UNC6692

Malware Activity
First: 25.04.2026 18:07 Last: 25.04.2026 18:07 Sources 1

About this happening: UNC6692 has deployed the **Snow** malware suite through **social engineering**, creating a stealthy path to **credential theft** and **domain compromise**. The operation uses **em...

Open Happening

Timeline

  1. 25.11.2025 16:24 2 articles · 6mo ago

    Microsoft Teams desktop client rolls out separate calling process and new security controls

    Initial Disclosure

    Beginning in **early January 2026**, Teams will separate calling functions into a new **ms-teams_modulehost.exe** process. The rollout also broadens chat and meeting protections against **malicious links**, **file types**, and **screen capture**.

    Show sources
    Open in new tab