2024-08-19
Cisco Talos: Vulnerabilities in Microsoft Apps for macOS
Researchers from Cisco Talos have provided details about eight vulnerabilities in Microsoft apps for macOS. The flaws could be exploited by injecting specially crafted libraries into the apps to access microphones, cameras, folders, input, and other functions. The vulnerabilities affect three different Microsoft Teams apps, as well as Outlook, PowerPoint, OneNote, Excel, and Word.
Editor's Note
The issue here is that once an application has the entitlements like camera access, these entitlements extend to the entire application, including libraries loaded at run time or extensions and plugins. It is up to the application at this point to protect itself. The issue Cisco points out is that the applications do not enforce security features available to protect the application. However, all of these applications have some form of scripting interface. This would allow an attacker to abuse these applications even if dynamically loaded libraries are validated.
Johannes Ullrich
As always, this is a good writeup from the Talos group around a portion of the enterprise ecosystem that seldom gets talked about. There is a lot of effort to subvert Windows, but how many MacOS devices are in the corporate ecosystem? Specifically in the executive suites at a minimum.
Moses Frost
macOS has a layered security model, including TCC and entitlements which are aimed at protecting user privacy and system security. They are not foolproof. These apps include the entitlement to disable library validation, which only allows them to access libraries signed by their developer, which was removed with updates to Teams and OneNote. Excel, Outlook, PowerPoint and Word remain this capability to support plug-ins. Other than pushing updated applications, reviewing their access (user granted, e.g. Camera/Microphone access) is a good idea.
Lee Neely
Read more in
Cisco Talos: How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions
The Record: Vulnerabilities in Microsoft’s macOS apps could help hackers access microphones and cameras
SC Magazine: Bugs in Microsoft apps for macOS could give privileges to attackers
The Register: Multiple flaws in Microsoft macOS apps unpatched despite potential risks