Multiple flaws in Microsoft macOS apps unpatched despite potential risks (Security News, August 2024)
Cisco Talos says eight vulnerabilities in Microsoft's macOS apps could be abused by nefarious types to record video and sound from a user's device, access sensitive data, log user input, and escalate privileges.
For users familiar with macOS, the platform's permission framework is what's responsible for requesting your permission to run new apps, and for displaying prompts when those apps want to access sensitive stores such as contacts, photos, webcams, etc.
Every macOS app downloaded from the App Store is sandboxed, and it can only access the resources the developers specified through entitlements.
All the Microsoft apps in question are protected by the hardened runtime but also disable library validation through entitlements, effectively disabling the protection against malicious library injection, Benvenuto argued.
He also highlighted that the only plugins available to Microsoft's macOS apps are Office add-ins, meaning there is no apparent reason to open their apps to running plugins from third parties, as they did through the entitlements.
Despite designating these vulnerabilities as low risk and refusing to patch them, Microsoft has since updated its Teams apps and OneNote to remove the entitlement that allowed library injection, essentially mitigating the bugs.
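The combination the article describes is auditable from an app's own entitlements: a hardened-runtime app that disables library validation while also holding camera, microphone or contacts entitlements is one whose TCC grants an injected library would inherit. The following is an added example (not code from The Register, Talos or Microsoft) that parses an entitlements plist, flags the weakening and sensitive keys, and reports whether the two coincide. The entitlement key names are Apple's documented hardened-runtime and App Sandbox keys; the sample plists are constructed for this example and do not describe any real app, and the `codesign` invocation is an assumption that only applies on a macOS host.

```python
"""Audit a macOS app's entitlements for the pattern the article describes:
hardened runtime with library validation disabled, on an app that also holds
entitlements for TCC-protected resources (camera, microphone, contacts...)."""
import plistlib
import subprocess
import sys

# Hardened-runtime entitlements that weaken code-injection protections
# (Apple-documented keys; the one-line descriptions are written for this example).
WEAKENING = {
    "com.apple.security.cs.disable-library-validation":
        "loads libraries not signed by the same Team ID or by Apple",
    "com.apple.security.cs.allow-dyld-environment-variables":
        "honours DYLD_* variables, so a library can be injected at launch",
    "com.apple.security.cs.allow-unsigned-executable-memory":
        "allows unsigned executable memory",
}

# App Sandbox entitlements that gate access to TCC-protected resources.
SENSITIVE = {
    "com.apple.security.device.camera": "camera",
    "com.apple.security.device.audio-input": "microphone",
    "com.apple.security.personal-information.addressbook": "contacts",
    "com.apple.security.personal-information.photos-library": "photos",
}


def parse_entitlements(blob: bytes) -> dict:
    """Parse an entitlements plist. Tolerates a leading binary header, which
    some codesign versions emit before the XML, by skipping to the XML start."""
    start = blob.find(b"<?xml")
    if start == -1:
        start = blob.find(b"<plist")
    if start == -1:
        return {}
    return plistlib.loads(blob[start:])


def assess(entitlements: dict) -> dict:
    """Return the weakening and sensitive entitlements that are set to true,
    plus whether their combination lets an injected library reach resources
    the user granted to the app. Only boolean true counts; <false/> does not."""
    weakening = sorted(k for k in WEAKENING if entitlements.get(k) is True)
    sensitive = sorted(SENSITIVE[k] for k in SENSITIVE if entitlements.get(k) is True)
    return {
        "weakening": weakening,
        "sensitive": sensitive,
        "injection_exposes_sensitive": bool(weakening) and bool(sensitive),
    }


def entitlements_from_bundle(bundle_path: str) -> dict:
    """macOS only (assumption: `codesign` is on PATH). The ':-' argument asks
    codesign to write the entitlements as XML to stdout without a blob header."""
    out = subprocess.run(
        ["codesign", "-d", "--entitlements", ":-", bundle_path],
        check=True, capture_output=True).stdout
    return parse_entitlements(out)


# Constructed sample: an app that disables library validation while holding
# camera and microphone entitlements. Not taken from any real app bundle.
SAMPLE_WEAK = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0"><dict>
  <key>com.apple.security.app-sandbox</key><true/>
  <key>com.apple.security.cs.disable-library-validation</key><true/>
  <key>com.apple.security.device.camera</key><true/>
  <key>com.apple.security.device.audio-input</key><true/>
</dict></plist>"""

# The same constructed app with the weakening entitlement removed, the kind of
# change the article says Microsoft shipped for Teams and OneNote.
SAMPLE_FIXED = SAMPLE_WEAK.replace(
    b"  <key>com.apple.security.cs.disable-library-validation</key><true/>\n", b"")


def report(label: str, entitlements: dict) -> None:
    result = assess(entitlements)
    print(f"{label}: weakening={result['weakening']} sensitive={result['sensitive']} "
          f"injection_exposes_sensitive={result['injection_exposes_sensitive']}")


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Real bundle path given: audit it (macOS with codesign only).
        report(sys.argv[1], entitlements_from_bundle(sys.argv[1]))
    else:
        report("constructed weak sample", parse_entitlements(SAMPLE_WEAK))
        report("constructed fixed sample", parse_entitlements(SAMPLE_FIXED))
```

Run without arguments to see the verdict on the two constructed samples; on a Mac, pass a path such as `/Applications/SomeApp.app` to audit a real bundle. The check deliberately treats only `<true/>` as set, since an entitlement that is present but `<false/>` does not enable the behaviour.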
News URL: https://go.theregister.com/feed/www.theregister.com/2024/08/19/cisco_talos_microsoft_macos/