Microsoft Teams bug could allow malware deployment from external tenant accounts