• Multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing..

    Home » Forums » Cyber Security Information and Advisories » Code Red – Security/Privacy advisories » Multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing..

    Author
    Topic
    #2697730

    How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions

    Cisco Talos has identified eight vulnerabilities in Microsoft applications for the macOS operating system.

    An adversary could exploit these vulnerabilities by injecting malicious libraries into Microsoft’s applications to gain their entitlements and user-granted permissions.

    Permissions regulate whether an app can access resources such as the microphone, camera, folders, screen recording, user input and more. So if an adversary were to gain access to these, they could potentially leak sensitive information or, in the worst case, escalate privileges.

    This post also provides an overview of the macOS security model and illustrates how vulnerabilities within macOS applications could be exploited by adversaries to steal app permissions…

    TALOS-2024-1972 CVE-2024-42220 Microsoft Outlook
    TALOS-2024-1973 CVE-2024-42004 Microsoft Teams (work or school)
    TALOS-2024-1974 CVE-2024-39804 Microsoft PowerPoint
    TALOS-2024-1975 CVE-2024-41159 Microsoft OneNote
    TALOS-2024-1976 CVE-2024-43106 Microsoft Excel
    TALOS-2024-1977 CVE-2024-41165 Microsoft Word
    TALOS-2024-1990 CVE-2024-41145 Microsoft Teams (work or school) WebView.app helper app
    TALOS-2024-1991 CVE-2024-41138 Microsoft Teams (work or school) com.microsoft.teams2.modulehost.app…

    1 user thanked author for this post.
    Reply To: Multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing..

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: