A library injection vulnerability (CVE-2024-42220) has been discovered in Microsoft Outlook for macOS by Cisco Talos researchers. This vulnerability allows a specially crafted library to bypass permissions and exploit the program’s access privileges.

Description

The vulnerability, found by Francesco Benvenuto [6], can be triggered by a malicious application injecting a library into Outlook [6], potentially leading to unauthorized access to user permissions [6]. Despite being compiled with the Hardened Runtime security feature [6], a specific entitlement in Outlook allows the loading of unsigned dynamic libraries [6], enabling unauthorized access to resources like the microphone and camera [1]. The use of the com.apple.security.cs.disable-library-validation entitlement further increases the risk of library injection in Outlook [6]. While some Microsoft applications for macOS have been updated to address security vulnerabilities, Excel [1] [2] [3] [4] [5], PowerPoint [1] [2] [3] [4] [5], and Word remain vulnerable to these attacks [5]. Microsoft has categorized the issue as a low-severity threat and has not issued a fix [5], citing the need to support Office add-ins [1].

Conclusion

Users are advised to exercise caution when granting app permissions and ensure that their apps are not loading compromised libraries to prevent potential security breaches. The impact of this vulnerability could lead to unauthorized access to sensitive resources, and the lack of a fix from Microsoft raises concerns about the security of Outlook for macOS. Future implications may include the need for stricter security measures to prevent library injection vulnerabilities in similar applications.

References

[1] https://www.computerweekly.com/news/366605734/Popular-Microsoft-apps-for-Mac-at-risk-of-code-injection-attacks
[2] https://cybersecuritynews.com/microsoft-macos-apps-vulnerability/
[3] https://www.iphoneincanada.ca/2024/08/19/macos-microsoft-security-vulnerabilities/
[4] https://www.infosecurity-magazine.com/news/microsoft-apps-macos-exposed/
[5] https://www.darkreading.com/remote-workforce/multiple-microsoft-apps-for-macos-vuln-to-malicious-library-injection-attacks
[6] https://vulners.com/talos/TALOS-2024-1972