Security News > 2022 > July > Microsoft Details App Sandbox Escape Bug Impacting Apple iOS, iPadOS, macOS Devices

"An attacker could take advantage of this sandbox escape vulnerability to gain elevated privileges on the affected device or execute malicious commands like installing additional payloads," Jonathan Bar Or of the Microsoft 365 Defender Research Team said in a write-up.

While Apple's App Sandbox is designed to tightly regulate a third-party app's access to system resources and user data, the vulnerability makes it possible to bypass these restrictions and compromise the machine.

"The sandbox's primary function is to contain damage to the system and the user's data if the user executes a compromised app," Apple explains in its documentation.

"While the sandbox doesn't prevent attacks against your app, it does reduce the harm a successful attack can cause by restricting your app to the minimum set of privileges it requires to function properly."

Microsoft said it discovered the flaw during its attempts to figure out a way to escape the sandbox and execute arbitrary commands on macOS by concealing the malicious code in a specially crafted Microsoft Office macro.

It's worth noting that any file dropped by a sandboxed app is automatically attached to the "Com.apple.quarantine" extended attribute so as to trigger a prompt requiring explicit user's consent prior to execution.

News URL

https://thehackernews.com/2022/07/microsoft-details-app-sandbox-escape.html