A script to find those out-of-date and unsupported Teams installers on "shared use" machines which are vulnerable.
We have found that on a number of occassions (one client having a machine shared by over 100 people) that the Microsoft Teams Wide Installer may have not updated correctly since it was last used by one of those users.
The "unsupported" Teams Wide Installer is therefore unsupported software installed on the machine and some versions of the installer have vulnerabilities which have been patched, but remain on the system, until that user logs in.
The below script (new and not fully tested - available for you to test and use) has been created to search for the Teams Wide Installer and remove it.
#Detects AppData versions of teams and remove if out of date
#Download and install latest version of teams msi if any profiles have teams removed
$TeamsVersion = '1.4.00.4166'
$Destination = 'C:\users\*\AppData\Local\Microsoft\Teams\'
$Installer = 'https://teams.microsoft.com/downloads/desktopurl?env=production&plat=windows&arch=x64&managedInstaller=true&download=true'
Get-Item $Destination | ForEach-Object {
Write-Host Getting Teams Version
If ((Get-Item $_\current\Teams.exe -ErrorAction SilentlyContinue).VersionInfo.FileVersion -eq $null){
Write-Host Teams Not installed
}
Else{
If ((Get-Item $_\current\Teams.exe -ErrorAction SilentlyContinue).VersionInfo.FileVersion -lt $TeamsVersion){
Write-Host Teams out of date - removing $_
Remove-Item $_\* -Recurse -Force -ErrorAction SilentlyContinue
$removed = 1
}
If ((Get-Item $_\current\Teams.exe -ErrorAction SilentlyContinue).VersionInfo.FileVersion -gt $TeamsVersion){
Write-Host Teams version doesn't match, newer than the version we are checking for $_
}
}
}
if ($removed -eq '1'){
Write-Host Teams Removed, installing latest teams wide installer msi
#Download Files
write-host Downloading Teams
If (!(Test-Path 'C:\_install')) {
New-Item -Path "C:\" -ItemType Directory -Name "_install"
}
wget $Installer -OutFile "C:\_install\teamsmsi.msi"
Start-Process C:\_install\teamsmsi.msi -ArgumentList "ALLUSERS=1 /qn /norestart"
}
Please note: You use scripts at your own discresion and should test these fully before using across your enterprise environment. The above script is provided "as is" and has not been fully tested by Cyber Tec Security.