therecord.media
Open in
urlscan Pro
2606:4700::6812:1025
Public Scan
URL:
https://therecord.media/microsoft-macos-apps-vulnerabilities-cisco
Submission: On August 20 via api from TR — Scanned from DE
Submission: On August 20 via api from TR — Scanned from DE
Form analysis
1 forms found in the DOM<form><span class="text-black text-sm icon-search"></span><input name="s" placeholder="Search…" type="text" value=""><button type="submit">Go</button></form>
Text Content
This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy. Accept * Leadership * Cybercrime * Nation-state * Elections * Technology * Cyber Daily® * Click Here Podcast Go Subscribe to The Record ✉️ Free Newsletter Image: Marvin Meyer via Unsplash Alexander Martin August 19th, 2024 * Cybercrime * Industry * News * News Briefs * Technology * * * * * Get more insights with the Recorded Future Intelligence Cloud. Learn more. VULNERABILITIES IN MICROSOFT’S MACOS APPS COULD HELP HACKERS ACCESS MICROPHONES AND CAMERAS Researchers said they discovered eight vulnerabilities in a range of Microsoft applications for macOS, including Teams, Outlook, Word, PowerPoint, OneNote and Excel, that could allow an attacker to gain access to a user’s “microphone, camera, folders, screen recording, user input and more.” According to a blog post published Monday by Cisco Talos, if users have already given those apps permission to access device resources then the way Microsoft has designed its apps means hackers could exploit them to secretly record video or audio without users’ knowing. “If a trusted application is compromised, it might be manipulated to abuse its permissions, allowing attackers to perform actions without user knowledge. For instance, if a video chat app with camera and microphone access is exploited, it could be forced to record without alerting the user,” warned Cisco. The vulnerabilities are all linked to library injection — a technique that macOS defends against with Hardened Runtime, a setting that restricts the loading of risky libraries that could contain malicious code. However, as the setting also restricts some capabilities that apps can depend on, Apple advises developers they can “add an entitlement to disable an individual protection” to ensure their apps’ functionality. Cisco argues that Microsoft has added entitlements for the affected apps, disabling some of the protections provided by Hardened Runtime — and has done so unnecessarily. The entitlement used by Microsoft is intended to allow apps to load plug-ins signed by third-party developers, Cisco stated: “Yet, as far as we know, the only ‘plug-ins’ available to Microsoft's macOS apps are web-based and known as ‘Office add-ins.’ “If this understanding is correct, it raises questions about the necessity of disabling library validation, especially if no additional libraries are expected to be loaded. By using this entitlement, Microsoft is circumventing the safeguards offered by the hardened runtime, potentially exposing its users to unnecessary risks,” states the blog. Microsoft considers the issues “low risk,” according to Cisco. But following the report, Microsoft updated its Teams apps and OneNote to remove the entitlement and thus the potential vulnerability. The blog states that Excel, Outlook, PowerPoint and Word remain vulnerable and warns these “leave the door open for adversaries to exploit all of the apps' entitlements and, without any user prompts, reuse all the permissions already granted to the app, effectively serving as a permission broker for the attacker.” Microsoft and Apple did not immediately respond to a request for comment. * * * * * Tags * Microsoft * Apple * Cisco Talos * vulnerability research Previous articleNext article Background-check giant confirms security incident leaked millions of SSNs Ukrainian bank's service for military donations targeted by ‘massive’ DDoS attack Alexander Martin is the UK Editor for Recorded Future News. He was previously a technology reporter for Sky News and is also a fellow at the European Cyber Conflict Research Initiative. BRIEFS * Cybercriminals siphon credit card numbers from Oregon Zoo websiteAugust 19th, 2024 * New infostealer targets macOS devices, appears to have Russian linksAugust 16th, 2024 * Russian citizen sentenced in US for selling stolen financial data on criminal marketplaceAugust 15th, 2024 * ‘It was Iran,’ Trump says of presidential campaign hackAugust 14th, 2024 * Biotech company hacked in 2023 pays states $4.5 million over breached dataAugust 14th, 2024 * Indian telecom regulator orders crackdown on spam callsAugust 14th, 2024 * GM lawsuit is Texas attorney general’s first shot in privacy initiativeAugust 14th, 2024 * Over 100 Ukrainian computers infected with backdoor malware, researchers sayAugust 13th, 2024 * FBI says it is investigating purported Trump campaign hackAugust 13th, 2024 SPEEDING TOWARD TAIWAN: CHINA’S AMPHIBIOUS ARMORED VEHICLES DEVELOPMENT Speeding Toward Taiwan: China’s Amphibious Armored Vehicles Development MALIGN INFLUENCE THREATS MOUNT AHEAD OF US 2024 ELECTIONS Malign Influence Threats Mount Ahead of US 2024 Elections PRODUCTION AND PROLIFERATION: THE RISKS OF THE BURGEONING IRANIAN DRONE INDUSTRY Production and Proliferation: The Risks of the Burgeoning Iranian Drone Industry "ERIAKOS" SCAM CAMPAIGN: DETECTED BY RECORDED FUTURE’S PAYMENT FRAUD INTELLIGENCE TEAM "ERIAKOS" Scam Campaign: Detected by Recorded Future’s Payment Fraud Intelligence Team DESPITE SANCTIONS, NORTH KOREANS CONTINUE TO USE FOREIGN TECHNOLOGY Despite Sanctions, North Koreans Continue to Use Foreign Technology * * * * * * Privacy * About * Contact Us © Copyright 2024 | The Record from Recorded Future News