Cisco Talos reports that it’s identified eight vulnerabilities in Microsoft applications for macOS.
The threat intelligence teams says an adversary could exploit these vulnerabilities by injecting malicious libraries into Microsoft’s applications to gain their entitlements and user-granted permissions.
Permissions regulate whether an app can access resources such as the microphone, camera, folders, screen recording, user input and more. So if an adversary were to gain access to these, they could potentially leak sensitive information or, in the worst case, escalate privileges, according to Cisco Talos.
Cisco Talos recently conducted an analysis of macOS applications and the exploitability of the platform’s permission-based security model, which centers on the Transparency, Consent, and Control (TCC) framework. From the report:
We identified eight vulnerabilities in various Microsoft applications for macOS, through which an attacker could bypass the operating system’s permission model by using existing app permissions without prompting the user for any additional verification. If successful, the adversary could gain any privileges already granted to the affected Microsoft applications. For example, the attacker could send emails from the user account without the user noticing, record audio clips, take pictures or record videos without any user interaction. Microsoft considers these issues low risk, and some of their applications, they claim, need to allow loading of unsigned libraries to support plugins and have declined to fix the issues. Here is the list of vulnerabilities Talos discovered with their Talos IDs and corresponding CVEs:
Article provided with permission from AppleWorld.Today
