Unpatched Vulnerabilities In Microsoft macOS Apps Pose Threat

Latest Hacking News

Researchers caution macOS users about multiple unpatched vulnerabilities in Microsoft's apps for the platform. Exploiting these vulnerabilities could allow an attacker to inherit sensitive device permissions already granted to those apps.

Numerous Vulnerabilities In Microsoft macOS Apps Remain Unpatched

In a recent report, Cisco Talos researchers highlighted the risks associated with exploiting unpatched vulnerabilities in Microsoft macOS apps.

They identified eight security vulnerabilities affecting various Microsoft applications for Mac devices. The flaws were found while analysing the apps against macOS's permission-based security model, which relies on the Transparency, Consent, and Control (TCC) framework. The researchers noted that an attacker could use these flaws to circumvent TCC controls and gain additional permissions without any user interaction.

Successful exploitation of these vulnerabilities would enable an attacker to carry out malicious activities using the permissions granted to Microsoft apps. These activities could include sending deceptive emails, capturing audio or video on the target system, and taking photos.

The researchers identified the following eight library injection vulnerabilities in different Microsoft apps. An attacker could exploit them by injecting a malicious library into the running process of a target app, thereby bypassing the permission checks with the app's existing grants.

  • CVE-2024-42220 (CVSS 7.1): Affects Microsoft Outlook 16.83.3 for macOS.
  • CVE-2024-42004 (CVSS 7.1): Affects Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS.
  • CVE-2024-39804 (CVSS 7.1): Affects Microsoft PowerPoint 16.83 for macOS.
  • CVE-2024-41159 (CVSS 7.1): Affects Microsoft OneNote 16.83 for macOS.
  • CVE-2024-41165 (CVSS 7.1): Affects Microsoft Word 16.83 for macOS.
  • CVE-2024-43106 (CVSS 7.1): Affects Microsoft Excel 16.83 for macOS.
  • CVE-2024-41145 (CVSS 7.1): Affects the WebView.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS.
  • CVE-2024-41138 (CVSS 7.1): Affects the com.microsoft.teams2.modulehost.app helper app of Microsoft Teams (work or school) 24046.2813.2770.1094 for macOS.

Microsoft Downplays The Threat

Given how the permission-based model in Apple macOS works, the researchers are concerned that an attacker could use every permission already granted to an app and carry out a range of malicious activities "on behalf of the app."

While macOS security features such as the hardened runtime are meant to stop code from executing inside another application's process, an app that permits loading of unsigned or third-party libraries can still have a malicious library injected into its process space, and that library then runs with the app's permissions.

According to Cisco Talos, Microsoft has classified these unpatched vulnerabilities as low risk. Microsoft stated that some of its applications need to allow loading of unsigned libraries to support plugins, and it has chosen not to address these issues.
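The condition the previous paragraphs describe (hardened runtime present, but library validation switched off so that unsigned plugin libraries can be loaded) is visible in an app's code signature. The following audit script is an added example, not code from Cisco Talos or Microsoft; it assumes the macOS `codesign -dvv` and `codesign -d --entitlements - --xml` command forms, and the sample entitlements plist is constructed rather than taken from any real app.

```python
"""Audit a macOS app bundle for the injection condition described in the
article: hardened runtime on, but library validation disabled by entitlement."""
import plistlib
import re
import subprocess
from typing import Dict, List

# Hardened-runtime exception entitlements (real names) that weaken injection protection.
RISKY = {
    "com.apple.security.cs.disable-library-validation": "unsigned/third-party libraries may be loaded",
    "com.apple.security.cs.allow-dyld-environment-variables": "DYLD_* variables honoured at launch",
    "com.apple.security.cs.allow-unsigned-executable-memory": "unsigned code may run from writable memory",
}
# App Sandbox entitlements for TCC-mediated hardware; an injected library inherits the user's grant.
SENSITIVE = {"com.apple.security.device.camera": "camera",
             "com.apple.security.device.audio-input": "microphone"}

def codesign_info(app_path: str) -> Dict[str, bytes]:
    """macOS only: collect signing flags and the entitlements plist (assumed codesign CLI forms)."""
    flags = subprocess.run(["codesign", "-dvv", app_path], capture_output=True).stderr
    ents = subprocess.check_output(["codesign", "-d", "--entitlements", "-", "--xml", app_path],
                                   stderr=subprocess.DEVNULL)
    return {"flags": flags, "entitlements": ents}

def hardened_runtime_enabled(codesign_stderr: bytes) -> bool:
    """codesign -dvv prints e.g. 'flags=0x10000(runtime)' when the hardened runtime is on."""
    m = re.search(rb"flags=0x[0-9a-fA-F]+\(([^)]*)\)", codesign_stderr)
    return bool(m) and b"runtime" in m.group(1).split(b",")

def audit(hardened: bool, entitlements_xml: bytes) -> Dict[str, object]:
    """Combine the runtime flag with the entitlements into a verdict plus supporting findings."""
    ents = plistlib.loads(entitlements_xml)
    weakened: List[str] = [f"{k}: {why}" for k, why in RISKY.items() if ents.get(k) is True]
    exposed: List[str] = [name for k, name in SENSITIVE.items() if ents.get(k) is True]
    if not hardened:
        verdict = "no hardened runtime: library validation not enforced"
    elif ents.get("com.apple.security.cs.disable-library-validation") is True:
        verdict = "hardened runtime on, but library validation disabled: injectable"
    else:
        verdict = "hardened runtime with library validation: injection blocked"
    return {"verdict": verdict, "weakened": weakened, "exposed": exposed}

# Constructed sample entitlements for a sandboxed app that opted out of library validation.
SAMPLE_ENTITLEMENTS = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>com.apple.security.app-sandbox</key><true/>
<key>com.apple.security.cs.disable-library-validation</key><true/>
<key>com.apple.security.device.camera</key><true/>
<key>com.apple.security.device.audio-input</key><true/>
</dict></plist>"""
```

On a Mac, `audit(hardened_runtime_enabled(info["flags"]), info["entitlements"])` with `info = codesign_info("/Applications/Example.app")` runs the same check against an installed bundle.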

However, the researchers noted that updates to the Microsoft Teams main app, Microsoft Teams WebView.app, Microsoft Teams ModuleHost.app, and Microsoft OneNote for macOS have addressed the vulnerabilities in those apps. The Microsoft Office apps (Excel, Word, PowerPoint, Outlook) remain vulnerable.

We would like to hear your thoughts in the comments.
