Security News > 2024 > August > Multiple flaws in Microsoft macOS apps unpatched despite potential risks

Multiple flaws in Microsoft macOS apps unpatched despite potential risks
2024-08-19 19:01

Cisco Talos says eight vulnerabilities in Microsoft's macOS apps could be abused by nefarious types to record video and sound from a user's device, access sensitive data, log user input, and escalate privileges.

For users familiar with macOS, it's what's responsible for requesting your permission to run new apps, and displays prompts when those apps want to access sensitive stores such as contacts, photos, webcams, etc.

Every macOS app downloaded from the App Store is sandboxed and these can only access the resources the devs specified through entitlements.

All the Microsoft apps in question are protected by hardened runtime and also disable library validation through entitlements, effectively disabling protection against malicious library injection, Benvenuto argued.

He also highlighted that the only plugins available to Microsoft's macOS apps are Office add-ins, meaning there is no apparent reason to open their apps to running plugins from third parties, as they did through the entitlements.

Despite designating these vulnerabilities low-risk status and refusing to patch them, Microsoft has since updated its Teams apps, and OneNote, removing the entitlement that allowed library injection, essentially mitigating the bugs.


News URL

https://go.theregister.com/feed/www.theregister.com/2024/08/19/cisco_talos_microsoft_macos/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 365 50 1369 2819 161 4399