New York, August 20: A team of security researchers working at Cisco Talos has identified eight vulnerabilities in Microsoft applications running on the macOS operating system. These vulnerabilities can allow threat actors to exploit and access the system. The researchers shared their findings, including details about these vulnerabilities that could affect Apple macOS users.

In its official post, Cisco Talos said that its team conducted an analysis of macOS applications and the exploitability of the platform's permission-based security model. The analysis centred around the TCC (Transparency, Consent, and Control) framework. The team found that attackers could exploit these vulnerabilities and steal the app's permissions.

The permissions regulate whether the app can gain access to the device's microphone, camera, storage, screen recording, and more. All of these are critical and could allow attackers to access sensitive information. The team found that, in the worst cases, a threat actor could escalate privileges.

The vulnerabilities were found in the following Microsoft applications for macOS:

  • Microsoft Outlook
  • Microsoft Word
  • Microsoft Excel
  • Microsoft PowerPoint
  • Microsoft OneNote
  • Microsoft Teams (Work and School)
  • Microsoft Teams (work or school) WebView.app helper app
  • Microsoft Teams (work or school) com.microsoft.teams2.modulehost.app

According to the Cisco Talos researchers, most operating systems are based on DAC (Discretionary Access Control), which provides minimal protection against malware or any exploited software. It also lets the software run with the users' root privileges. Apple's macOS offers protection against such privacy breaches by malicious software.

During the research, the Cisco Talos team found that Microsoft's macOS applications employed a "hardened runtime" feature, which enhanced security. However, the active "com.apple.security.cs.disable-library-validation" entitlement was found to be potentially risky. The hardened runtime feature protects systems against library injection attacks. Although the sandbox protects data and system resources, malware could exploit some applications under certain conditions.

Cisco Talos said in its post, "Typically, a combination of specific entitlements or vulnerabilities is required for an app to become a viable attack vector." It said that if an app had the "com.apple.security.cs.disable-library-validation" entitlement, attackers could inject any library and run arbitrary code within the app, thus gaining full permissions and entitlements.
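For administrators who want to check installed apps for the entitlement combination described above, the following audit sketch is an added example and is not code from Cisco Talos or Microsoft. The two sensitive entitlement keys are an illustrative subset chosen here, the verdict labels are this example's own, and the sample plists are constructed.

```python
import plistlib
import subprocess

# Entitlement named in the article: switches off library validation under the hardened runtime.
DISABLE_LV = "com.apple.security.cs.disable-library-validation"
# Apple entitlements for TCC-protected resources (illustrative subset, an assumption of this example).
SENSITIVE = {
    "com.apple.security.device.camera": "camera",
    "com.apple.security.device.audio-input": "microphone",
}

def read_entitlements(app_path):
    """Return a signed app's entitlements as XML plist bytes (macOS only, needs codesign)."""
    return subprocess.run(
        ["codesign", "-d", "--entitlements", "-", "--xml", app_path],
        capture_output=True, check=True).stdout

def assess(plist_bytes):
    """Classify one entitlements plist; empty input means the app declares no entitlements."""
    ent = plistlib.loads(plist_bytes) if plist_bytes.strip() else {}
    lv_disabled = ent.get(DISABLE_LV) is True
    exposed = sorted(label for key, label in SENSITIVE.items() if ent.get(key) is True)
    if lv_disabled and exposed:
        verdict = "review"   # an unsigned library loaded here would share these permissions
    elif lv_disabled:
        verdict = "note"     # validation off, but none of the listed resources declared
    else:
        verdict = "ok"       # hardened runtime keeps library validation on
    return {"library_validation_disabled": lv_disabled, "exposed": exposed, "verdict": verdict}

def _sample(*keys):
    """Build a constructed entitlements plist with the given keys set to true."""
    return plistlib.dumps({k: True for k in keys})

# Constructed samples standing in for codesign output from three hypothetical apps.
SAMPLES = {
    "ExampleChat.app": _sample(DISABLE_LV, "com.apple.security.device.camera",
                               "com.apple.security.device.audio-input"),
    "ExampleEditor.app": _sample(DISABLE_LV),
    "ExampleViewer.app": _sample("com.apple.security.device.camera"),
    "ExampleTool.app": b"",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(name, assess(data))
```

On a Mac, `assess(read_entitlements("/Applications/SomeApp.app"))` applies the same check to a real bundle; the path shown is a placeholder.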

(The above story first appeared on LatestLY on Aug 20, 2024 02:47 PM IST.)