Microsoft macOS Apps Vulnerability Allows Hackers to Record Audio/Video
- С сайта: Vulnerability(cybersecuritynews.com)
- Вернуться к списку новостей
С сайта: Vulnerability(cybersecuritynews.com)
Cisco Talos has identified eight security vulnerabilities in Microsoft applications running on the macOS operating system, raising concerns about potential exploitation by adversaries.
These vulnerabilities, if exploited, could allow attackers to hijack the permissions and entitlements of Microsoft applications, leading to unauthorized access to sensitive resources such as microphones, cameras, and user data.
The vulnerabilities revolve around the macOS security model, particularly its Transparency, Consent, and Control (TCC) framework.
This framework is designed to protect user privacy by requiring explicit user consent before applications can access sensitive resources. However,
Cisco Talos discovered that these Microsoft applications could be manipulated to bypass this permission model, allowing attackers to use existing app permissions without user verification.
List of Affected Applications
The vulnerabilities were found in the following Microsoft applications, each identified by a corresponding CVE:
If an attacker successfully exploits these vulnerabilities, they could perform actions such as sending emails, recording audio, or capturing video without user knowledge. Microsoft has classified these issues as low risk and has declined to fix them, citing the need to allow loading of unsigned libraries for plugin support in some applications.
The vulnerabilities werediscovered intwo groups of apps: Microsoft Office apps(Word, Outlook, Excel, OneNote, PowerPoint) and MicrosoftTeams apps (Teams, WebView.app, com.microsoft.teams2.modulehost.app).
All these appsare vulnerableto library injection attacksbecause theyhave the com.apple.security.cs.disable-library-validation entitlement set totrue, allowing anattacker to inject anylibrary and run arbitrarycode within the compromisedapplication.
For example, if an attackerinjects a maliciouslibrary intoMicrosoft Outlook, they could sendemails withoutuser interaction. Similarly, ifan attacker injectsa library into MicrosoftTeams, they couldaccess the camera andmicrophone withouttriggering anypop-up notifications.
Understanding the macOS Security Model
Apple’s macOS employs a layered security model that includes TCC and entitlements to protect user privacy. While TCC requires user consent for accessing sensitive data, entitlements grant specific capabilities to applications.
However, the identified vulnerabilities highlight potential weaknesses in this model, particularly when trusted applications are compromised.
Microsoft has updated four of the vulnerable applications, removing the entitlement that allowed library validation to be disabled. However, Microsoft Excel, Outlook, PowerPoint, and Word remain vulnerable. Users are advised to be cautious and monitor application permissions through the macOS “Privacy & Security” settings.
The discovery of these vulnerabilities underscores the importance of robust security measures in software applications.
While the macOS security model provides significant protection, the potential for exploitation through trusted applications highlights the need for continuous vigilance and updates to security protocols.
Users are encouraged to stay informed about application permissions and to update software regularly to mitigate potential risks.
#macOS #Microsoft #Vulnerability #cyber_security_news #vulnerability
Оригинальная версия на сайте:
Microsoft macOS Apps Vulnerability Allows Hackers to Record Audio/Video
Author: Balaji NCisco Talos has identified eight security vulnerabilities in Microsoft applications running on the macOS operating system, raising concerns about potential exploitation by adversaries.
These vulnerabilities, if exploited, could allow attackers to hijack the permissions and entitlements of Microsoft applications, leading to unauthorized access to sensitive resources such as microphones, cameras, and user data.
The vulnerabilities revolve around the macOS security model, particularly its Transparency, Consent, and Control (TCC) framework.
This framework is designed to protect user privacy by requiring explicit user consent before applications can access sensitive resources. However,
Cisco Talos discovered that these Microsoft applications could be manipulated to bypass this permission model, allowing attackers to use existing app permissions without user verification.
List of Affected Applications
The vulnerabilities were found in the following Microsoft applications, each identified by a corresponding CVE:
- Microsoft Outlook (CVE-2024-42220)
- Microsoft Teams (work or school) (CVE-2024-42004)
- Microsoft PowerPoint (CVE-2024-39804)
- Microsoft OneNote (CVE-2024-41159)
- Microsoft Excel (CVE-2024-43106)
- Microsoft Word (CVE-2024-41165)
- Microsoft Teams WebView.app helper app (CVE-2024-41145)
- Microsoft Teams com.microsoft.teams2.modulehost.app (CVE-2024-41138)
If an attacker successfully exploits these vulnerabilities, they could perform actions such as sending emails, recording audio, or capturing video without user knowledge. Microsoft has classified these issues as low risk and has declined to fix them, citing the need to allow loading of unsigned libraries for plugin support in some applications.
The vulnerabilities werediscovered intwo groups of apps: Microsoft Office apps(Word, Outlook, Excel, OneNote, PowerPoint) and MicrosoftTeams apps (Teams, WebView.app, com.microsoft.teams2.modulehost.app).
All these appsare vulnerableto library injection attacksbecause theyhave the com.apple.security.cs.disable-library-validation entitlement set totrue, allowing anattacker to inject anylibrary and run arbitrarycode within the compromisedapplication.
For example, if an attackerinjects a maliciouslibrary intoMicrosoft Outlook, they could sendemails withoutuser interaction. Similarly, ifan attacker injectsa library into MicrosoftTeams, they couldaccess the camera andmicrophone withouttriggering anypop-up notifications.
Understanding the macOS Security Model
Apple’s macOS employs a layered security model that includes TCC and entitlements to protect user privacy. While TCC requires user consent for accessing sensitive data, entitlements grant specific capabilities to applications.
However, the identified vulnerabilities highlight potential weaknesses in this model, particularly when trusted applications are compromised.
Microsoft has updated four of the vulnerable applications, removing the entitlement that allowed library validation to be disabled. However, Microsoft Excel, Outlook, PowerPoint, and Word remain vulnerable. Users are advised to be cautious and monitor application permissions through the macOS “Privacy & Security” settings.
The discovery of these vulnerabilities underscores the importance of robust security measures in software applications.
While the macOS security model provides significant protection, the potential for exploitation through trusted applications highlights the need for continuous vigilance and updates to security protocols.
Users are encouraged to stay informed about application permissions and to update software regularly to mitigate potential risks.
#macOS #Microsoft #Vulnerability #cyber_security_news #vulnerability
Оригинальная версия на сайте:
