According to a report, a security flaw discovered in Microsoft apps enables hackers to monitor your Mac. These apps can be exploited to capture video and audio from your device, obtain sensitive information, and gain elevated privileges.
According to Cisco Talos, a cybersecurity group, a significant vulnerability was discovered in Microsoft’s macOS applications including Outlook, Word, Teams, OneNote, and Excel. This flaw allows attackers to insert harmful libraries into the apps, granting them access to the apps’ permissions and user-granted entitlements.
The macOS framework operates on a permission-based system and utilizes the transparency, consent, and control (TCC) framework. This requires macOS to ask for your permission before running new apps and to present prompts whenever apps need to access sensitive information such as contacts, photos, webcams, etc.
Prior to requesting these permissions, apps must obtain entitlements as defined by Apple.
The entitlements of Microsoft apps include a security flaw that enables hackers to bypass permission requests and obtain access to your confidential data.
According to researchers from Cisco Talos, a total of eight vulnerabilities were discovered in multiple Microsoft applications designed for macOS. These vulnerabilities could potentially allow an attacker to bypass the operating system’s permission model by exploiting existing app permissions, without requiring any further verification from the user.
Although Cisco Talos did not release a functional exploit for the potential abuse of this issue in real-world attacks, they also did not confirm any instances of hackers utilizing it to gain access to sensitive user information.
Microsoft has made updates to the way Teams and OneNote apps handle the library validation entitlement on macOS. However, the exploit still remains a potential threat for Excel, PowerPoint, Word, and Outlook.
The company based in Redmond does not view it as a significant enough threat to warrant a fix.
According to the Cybersecurity group, Microsoft has deemed these issues to be of low risk. They have also stated that some of their applications require the ability to load unsigned libraries in order to support plugins, and as a result, they have chosen not to address the issues.
Leave a Reply