Cybersecurity group Cisco Talos identified vulnerabilities in Microsoft apps for Mac that could leave you vulnerable to hackers. According to the group, some Microsoft apps can be exploited and let hackers inject malicious libraries to gain entitlements and user-granted permissions, such as microphone access, camera, folders, screen recording, user input, and more.
Cisco Talos says there are eight vulnerabilities in various Microsoft Mac apps that let attackers bypass the operating system’s permission model by using app permissions without prompting the user for any additional verification.
The group gives some examples: “An attacker could send emails from the user account without the user noticing, record audio clips, take pictures, or record videos without any user interaction.” Interestingly, Microsoft considers these issues low risk, as the company claims users “need to allow loading of unsigned libraries to support plugins” and has declined to fix them.
According to Cisco Talos, Microsoft Outlook, Teams, PowerPoint, OneNote, Excel, and Word could be hacked because they use a feature called com.apple.security.cs.disable-library-validation entitlement. It could turn off security features and make apps vulnerable to library injection attacks.
Fortunately, in a lengthy blog post, the company explains that macOS offers enough protection, and users are unlikely to suffer from this attack. However, when an app is downloaded outside the Mac App Store, it makes it more possible for a hacker to bypass the app and Mac security and perform this attack.
The best way to protect yourself is to keep your Mac and Microsoft apps updated. Avoiding installing plugins for Microsoft apps could also help prevent security flaws on the Mac.
Also, it seems this attack hasn’t been exploited, and regular users shouldn’t worry too much about it. That said, you should always check your Mac’s Settings to ensure only the apps you trust can access your microphone, camera, folders, and more.
