Microsoft 365 Android Apps Vulnerability: Billions

Emy Elsamnoudy
June 3, 2026

A critical oversight exposed billions of Microsoft 365 users on Android devices to account takeover. The vulnerability stemmed from a single, forgotten development flag that remained active in production code. This flag silently handed Microsoft account tokens to any app on an Android device, compromising users across six major Microsoft 365 applications without requiring any interaction or consent.

The vulnerability, dubbed FlagLeft, allowed any third-party app on the same Android device to silently request and receive valid Microsoft account tokens without triggering a login prompt, a permission request, or a user notification.

The root cause was remarkably simple: a single line of debug code, setIsDebugMode(true), had been left enabled in production builds.

That flag turned off the authorization check designed to ensure that only trusted Microsoft apps could request account tokens from other Microsoft apps on the same device.

The vulnerability was confirmed across Microsoft Word, PowerPoint, Excel, Microsoft 365 Copilot, Microsoft Loop, and Microsoft OneNote on Android.

Microsoft Teams was not affected; its debug flag was correctly set to false in production. Because the vulnerable flag lived inside a shared Microsoft SDK, the same flawed code propagated across all six apps simultaneously.

Microsoft 365 Android Apps Account Takeover Vulnerability

Microsoft 365 apps use a token-sharing mechanism called FOCI (Family of Client IDs) to enable seamless single sign-on across the app suite.

Logging into Word, for example, means PowerPoint or Excel does not require a separate login, which is a legitimate and intended design.

However, setIsDebugMode(true) bypassed the trust verification step that separates a legitimate Microsoft app from an untrusted third-party app.

These tokens are especially dangerous because they are long-lived, refreshable, and generate no suspicious activity in logs; the traffic looks entirely normal.

With debug mode active, any co-installed app could make the same token request and receive full FOCI tokens in return.
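As an added illustration (not Microsoft's SDK code), the following plain-Java model shows the caller-trust gate that FOCI-style token sharing depends on, with the debug-flag bypass described above beside a hardened version that has no such branch. The package names, signer digests and the Caller type are constructed assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HexFormat;
import java.util.Map;

public final class TokenBrokerGate {
    // Constructed sample "family": package name -> SHA-256 digest of its release signing cert.
    // Hypothetical names and digests; a real gate pins the genuine signer digests.
    private static final Map<String, String> TRUSTED_FAMILY = Map.of(
        "com.example.word", sha256("word-release-signing-cert"),
        "com.example.excel", sha256("excel-release-signing-cert"));

    /** Caller identity as a broker would derive it from the Binder UID via PackageManager. */
    record Caller(String packageName, String signerSha256) {}

    static String sha256(String s) {
        try {
            return HexFormat.of().formatHex(
                MessageDigest.getInstance("SHA-256").digest(s.getBytes(StandardCharsets.UTF_8)));
        } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); }
    }

    /** Vulnerable form: a debug flag left true in production short-circuits the signer
     *  comparison, so every co-installed app is treated as a family member. */
    static boolean vulnerableIsTrusted(Caller c, boolean isDebugMode) {
        if (isDebugMode) return true;
        return c.signerSha256().equals(TRUSTED_FAMILY.get(c.packageName()));
    }

    /** Hardened form: no debug branch exists at all, so there is nothing to forget to turn
     *  off; the caller's signer digest is always compared against the pinned value. */
    static boolean hardenedIsTrusted(Caller c) {
        String pinned = TRUSTED_FAMILY.get(c.packageName());
        return pinned != null && MessageDigest.isEqual(
            pinned.getBytes(StandardCharsets.UTF_8), c.signerSha256().getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) {
        Caller excel = new Caller("com.example.excel", sha256("excel-release-signing-cert"));
        Caller thirdParty = new Caller("com.example.thirdparty", sha256("unrelated-developer-cert"));
        // Family package name but a foreign signer, as a repackaged build would present.
        Caller repackaged = new Caller("com.example.word", sha256("unrelated-developer-cert"));
        System.out.println("vulnerable, debug on,  third party -> " + vulnerableIsTrusted(thirdParty, true));
        System.out.println("vulnerable, debug off, third party -> " + vulnerableIsTrusted(thirdParty, false));
        System.out.println("hardened, excel       -> " + hardenedIsTrusted(excel));
        System.out.println("hardened, third party -> " + hardenedIsTrusted(thirdParty));
        System.out.println("hardened, repackaged  -> " + hardenedIsTrusted(repackaged));
    }
}
```

The point the model makes is that the gate's correctness must not hinge on a hand-edited boolean; tie any debug behaviour to the build type so a release build cannot carry it.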

An attacker exploiting this flaw could silently read emails, access OneDrive files, send messages, and view calendar data, all under the identity of the signed-in user.

MSRC confirmed and patched all reported issues, assigning multiple CVEs. CVE-2026-41100 covers Microsoft 365 Copilot for Android with a CVSS score of 4.4 (Medium).

CVE-2026-41101 covers Word for Android and CVE-2026-41102 covers PowerPoint for Android, both rated 7.1 (High).

Microsoft Office for Android carries a CVSS score of 7.7 (Important). All issues fall under CWE-284 Improper Access Control, published May 12, 2026.

Impact and Remediation

Researchers at Enclave and Ofek Levin uncovered a critical flaw in a shared Microsoft SDK used across multiple Microsoft 365 Android apps.

The combined installs across the six affected apps span billions of Android devices globally. Every signed-in user was potentially exposed to silent token theft by any co-installed app, with no visible indicator of compromise on the user’s side.

Microsoft has patched all six apps, and users must immediately update Word, PowerPoint, Excel, Microsoft 365 Copilot, Microsoft Loop, and OneNote to their latest Android versions.

Enterprise MDM administrators should confirm that patched versions are deployed across managed devices and audit OAuth token activity in Microsoft Defender for Cloud Apps for any anomalous behavior.

This case demonstrates how a single development artifact, one boolean flag, can collapse an entire authentication trust model when it escapes into production.

The flaw was not in the FOCI token-sharing design itself, but in the missing gate that controls access to it. Because the code was shared across an SDK, one oversight instantly affected six major apps and billions of users at once.

Enclave’s AI-assisted variant analysis was critical in rapidly mapping the full scope of the vulnerability across the entire Microsoft 365 Android portfolio.
