Vulnerability in Microsoft apps allowed hackers to spy on Mac users

Share via:


A vulnerability found in Microsoft apps for macOS allowed hackers to spy on Mac users. Security researchers from Cisco Talos reported in a blog post how the vulnerability could be exploited by attackers and what Microsoft has been doing to fix the exploits.

Hackers can use Microsoft apps to access Mac users’ cameras and microphones

Cisco Talos, a cybersecurity group specializing in malware and system prevention, shared details on how a vulnerability in apps like Microsoft Outlook and Teams could lead attackers to access a Mac’s microphone and camera without the user’s consent. The attack is based on injecting malicious libraries into Microsoft apps to gain their entitlements and user-granted permissions.

Apple’s macOS has a framework known as Transparency Consent and Control (TCC), which manages app permissions to access things like location services, camera, microphone, library photos, and other files.

Each app needs an entitlement to request permissions from TCC. Apps without these entitlements won’t even ask for permissions, and consequently won’t have access to the camera and other parts of the computer. However, the exploit allowed malicious software to use the permissions granted to Microsoft apps.

“We identified eight vulnerabilities in various Microsoft applications for macOS, through which an attacker could bypass the operating system’s permission model by using existing app permissions without prompting the user for any additional verification,” the researchers explain.

For example, a hacker could create malicious software to record audio from the microphone or even take photos without any user interaction. “All apps, except for Excel, have the ability to record audio, some can even access the camera,” the group adds.

macOS Sequoia Gatekeeper

Microsoft is working on a fix – but it doesn’t seem to be a priority

According to Cisco Talos, Microsoft considers this exploit to be “low risk” since it relies on loading unsigned libraries to support third-party plugins.

After the exploits were reported, Microsoft updated the Microsoft Teams and OneNote apps for macOS with changes to how these apps handle the library validation entitlement. However, Excel, PowerPoint, Word, and Outlook are still vulnerable to the exploit.

The researchers question why Microsoft had the need to disable library validation, especially when additional libraries are not expected to be loaded. “By using this entitlement, Microsoft is circumventing the safeguards offered by the hardened runtime, potentially exposing its users to unnecessary risks.”

At the same time, the researchers note that Apple could also implement changes to the TCC to make the system more secure. The group suggests that the system should prompt users when loading third-party plugins into apps that already have granted permissions.

More details about the exploit can be found on the Cisco Talos blog.

Read also

FTC: We use income earning auto affiliate links. More.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Popular

More Like this

Vulnerability in Microsoft apps allowed hackers to spy on Mac users


A vulnerability found in Microsoft apps for macOS allowed hackers to spy on Mac users. Security researchers from Cisco Talos reported in a blog post how the vulnerability could be exploited by attackers and what Microsoft has been doing to fix the exploits.

Hackers can use Microsoft apps to access Mac users’ cameras and microphones

Cisco Talos, a cybersecurity group specializing in malware and system prevention, shared details on how a vulnerability in apps like Microsoft Outlook and Teams could lead attackers to access a Mac’s microphone and camera without the user’s consent. The attack is based on injecting malicious libraries into Microsoft apps to gain their entitlements and user-granted permissions.

Apple’s macOS has a framework known as Transparency Consent and Control (TCC), which manages app permissions to access things like location services, camera, microphone, library photos, and other files.

Each app needs an entitlement to request permissions from TCC. Apps without these entitlements won’t even ask for permissions, and consequently won’t have access to the camera and other parts of the computer. However, the exploit allowed malicious software to use the permissions granted to Microsoft apps.

“We identified eight vulnerabilities in various Microsoft applications for macOS, through which an attacker could bypass the operating system’s permission model by using existing app permissions without prompting the user for any additional verification,” the researchers explain.

For example, a hacker could create malicious software to record audio from the microphone or even take photos without any user interaction. “All apps, except for Excel, have the ability to record audio, some can even access the camera,” the group adds.

macOS Sequoia Gatekeeper

Microsoft is working on a fix – but it doesn’t seem to be a priority

According to Cisco Talos, Microsoft considers this exploit to be “low risk” since it relies on loading unsigned libraries to support third-party plugins.

After the exploits were reported, Microsoft updated the Microsoft Teams and OneNote apps for macOS with changes to how these apps handle the library validation entitlement. However, Excel, PowerPoint, Word, and Outlook are still vulnerable to the exploit.

The researchers question why Microsoft had the need to disable library validation, especially when additional libraries are not expected to be loaded. “By using this entitlement, Microsoft is circumventing the safeguards offered by the hardened runtime, potentially exposing its users to unnecessary risks.”

At the same time, the researchers note that Apple could also implement changes to the TCC to make the system more secure. The group suggests that the system should prompt users when loading third-party plugins into apps that already have granted permissions.

More details about the exploit can be found on the Cisco Talos blog.

Read also

FTC: We use income earning auto affiliate links. More.



Source link

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

More like this

512GB M4 Mac mini, Apple Pencil Pro, M4 iMac,...

Today’s 9to5Toys Lunch Break is now ready to...

Elon Musk’s jets made 355 trips in 2024, including...

Elon Musk’s jets took more than 355 flights...

Microsoft and OpenAI have a financial definition of AGI:...

Microsoft and OpenAI have a very specific, internal...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!