
How hackers may have used Microsoft apps to spy on Mac users

Eight Microsoft applications are vulnerable to library injection attacks, potentially allowing unauthorised camera and microphone access and data theft on Apple’s macOS devices.

August 20, 2024 / 17:01 IST

Researchers from Cisco Talos, a renowned cybersecurity firm, have identified eight security vulnerabilities in Microsoft apps available for macOS that potentially allow attackers to access the user’s cameras and microphones. These vulnerabilities could also be used to steal other types of sensitive data, compromising system security.

The affected Microsoft apps include widely used programs like Word, Outlook, Excel, OneNote, Teams, and more. The attack is based on injecting malicious libraries into Microsoft apps to gain their entitlements and user-granted permissions. It stems from how Microsoft apps interact with macOS’s Transparency, Consent, and Control (TCC) framework, which is designed to manage app permissions.

These Microsoft apps also use an entitlement called com.apple.security.cs.disable-library-validation. It could turn off security features and make these applications potentially dangerous for the user. This loophole also compromises the integrity of the affected apps, increasing the risk of exploitation by hackers or malicious actors.

In response to Cisco Talos’s findings, Microsoft has acknowledged the existence of these security flaws in its applications and has categorised them as ‘low risk.’ The tech giant has also updated some of its apps, including Teams and OneNote, to address the way these applications handle library validation.

However, Microsoft has not fixed other vulnerable apps such as Excel, PowerPoint, Word, and Outlook, which leaves these apps susceptible to attacks. It has also declined to address these specific vulnerabilities, and the researchers argue that by bypassing these safeguards, Microsoft is potentially exposing its users to unnecessary security risks.

Therefore, you should always check your macOS device’s settings to ensure that your apps are updated in a timely manner and that no app has unauthorised access to the microphone, camera, or other hardware.
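For administrators who want to go beyond the settings check, the following added example (not code from the article, Cisco Talos, or Microsoft) flags apps whose entitlements combine disabled library validation with camera or microphone access. The function names and sample app names are assumptions made for illustration, and the codesign call works only on macOS.

```python
import plistlib
import subprocess

# Entitlement named in the article: the app opts out of library validation.
DLV = "com.apple.security.cs.disable-library-validation"
# Apple's hardened-runtime entitlements for camera and microphone access.
SENSITIVE = {
    "com.apple.security.device.camera": "camera",
    "com.apple.security.device.audio-input": "microphone",
}

def assess(entitlements_xml: bytes) -> dict:
    """Classify one app from the XML plist of its entitlements."""
    start = entitlements_xml.find(b"<?xml")
    # Unsigned apps and apps without entitlements produce no plist at all.
    ents = plistlib.loads(entitlements_xml[start:]) if start >= 0 else {}
    disabled = ents.get(DLV) is True
    resources = sorted(n for k, n in SENSITIVE.items() if ents.get(k) is True)
    # Review only the combination: sensitive access plus unvalidated libraries.
    return {"library_validation_disabled": disabled,
            "resources": resources,
            "review": disabled and bool(resources)}

def read_entitlements(app_path: str) -> bytes:
    """macOS only: dump a bundle's entitlements with Apple's codesign tool."""
    # The --xml flag requires a recent macOS version of codesign.
    result = subprocess.run(
        ["codesign", "-d", "--entitlements", "-", "--xml", app_path],
        capture_output=True, check=False)
    return result.stdout

# Constructed sample entitlements (not taken from any real application).
SAMPLES = {
    "ExampleOfficeApp.app": plistlib.dumps({DLV: True, **dict.fromkeys(SENSITIVE, True)}),
    "ExamplePatchedApp.app": plistlib.dumps(dict.fromkeys(SENSITIVE, True)),
    "ExampleTool.app": plistlib.dumps({DLV: True}),
}

if __name__ == "__main__":
    for name, xml in SAMPLES.items():
        print(name, assess(xml))
```

On a Mac, pass the output of read_entitlements("/Applications/SomeApp.app") to assess() for each installed app, then compare any flagged app against the permissions listed under Privacy & Security in System Settings.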


Sandip Chakraborty
first published: Aug 20, 2024 05:01 pm
