Researchers from Cisco Talos have identified eight security vulnerabilities in Microsoft applications for macOS that could potentially allow attackers to gain elevated privileges and access sensitive data.

Description

The vulnerabilities affect popular Microsoft applications such as Outlook [4], Word [1] [4] [5], Excel [1] [4] [5], PowerPoint [1] [4] [5], and Teams [1] [4] [5], and exploit the macOS permission system based on the Transparency, Consent [1] [2] [3] [4] [5] [6], and Control (TCC) framework [1] [2] [3] [4] [5] [6]. Attackers can inject malicious libraries into these applications, bypassing user consent and extracting sensitive information without authorization. While Microsoft has addressed some vulnerabilities in certain apps, others still pose security risks due to the use of unsigned libraries for plugin support. The TCC framework [1] [2] [4] [5] [6], designed to require explicit user consent for accessing sensitive resources [2], can be circumvented by injecting a malicious library, enabling attackers to misuse permissions or entitlements of other apps [2]. Microsoft’s macOS apps utilize a hardened runtime for security [2], but the use of the com.apple.security.cs.disable-library-validation entitlement exposes users to unnecessary risks [2]. Securely managing third-party plug-ins within macOS remains a challenge [4] [5], with options like notarization of third-party plug-ins requiring verification of security by either Microsoft or Apple [4]. Users are advised to update their systems with the latest security patches and exercise caution with third-party software to mitigate risks and combat potential threats.

Conclusion

These security vulnerabilities in Microsoft applications for macOS highlight the importance of staying vigilant and proactive in addressing potential threats. By updating systems with the latest security patches and carefully managing third-party software [3], users can mitigate risks and protect sensitive data from unauthorized access. Moving forward, collaboration between software developers and platform providers will be crucial in ensuring the security and integrity of macOS applications.

References

[1] https://vulners.com/thn/THN:D771D1FC4822489EE7C61CAEF2DAB086
[2] https://securityaffairs.com/167973/hacking/microsoft-apps-for-macos-flaws.html
[3] https://www.krofeksecurity.com/warning-critical-vulnerabilities-in-microsofts-macos-apps-expose-users-to-unrestricted-access-risks/
[4] https://thehackernews.com/2024/09/new-flaws-in-microsoft-macos-apps-could.html
[5] https://rhyno.io/blogs/cybersecurity-news/microsoft-macos-apps-vulnerable-to-hackers/
[6] https://www.blackhatethicalhacking.com/news/critical-flaws-in-microsoft-macos-apps-eight-vulnerabilities-expose-sensitive-data/