Multiple Microsoft Apps for macOS Vulnerable to Library Injection Attacks

20-August-24

Widely used Microsoft apps for macOS are vulnerable to library injection attacks that let adversaries use the applications’ entitlements to bypass macOS’s strict permission-based security model and controls. Attackers can abuse the vulnerable apps to execute a variety of malicious actions — like surreptitiously sending emails from a user’s account or recording audio and video clips — without the user’s knowledge and without the need for any user interaction. Cisco Talos researchers found eight major Microsoft apps for macOS — Outlook, Teams, PowerPoint, OneNote, Excel, Word, and two other Teams-related components — allow attackers to inject a malicious library into the app’s running processes. “That library could use all the permissions already granted to the process, effectively operating on behalf of the application itself.

Read More…