Source URL: https://www.theregister.com/2024/08/19/cisco_talos_microsoft_macos/
Source: The Register
Title: Multiple flaws in Microsoft macOS apps unpatched despite potential risks
Feedly Summary: Windows giant tells Cisco Talos it isn’t fixing them
Cisco Talos says eight vulnerabilities in Microsoft’s macOS apps could be abused by nefarious types to record video and sound from a user’s device, access sensitive data, log user input, and escalate privileges.…
AI Summary and Description: Yes
Summary: The text presents an analysis by Cisco Talos of eight vulnerabilities across Microsoft’s macOS applications that pose significant risks, including unauthorized access to sensitive data and privilege escalation. Although Microsoft labeled these vulnerabilities as low-risk and initially declined to patch them, it later removed the problematic entitlements from some apps, highlighting ongoing concerns about app security in environments that rely on user-granted permissions.
Detailed Description:
– **Vulnerabilities Identified:**
  – Cisco Talos reports eight vulnerabilities in various Microsoft macOS applications, including Outlook, Teams, PowerPoint, OneNote, Excel, and Word.
  – Specific CVEs include:
    – CVE-2024-42220 (Outlook)
    – CVE-2024-42004 (Teams)
    – CVE-2024-39804 (PowerPoint)
    – CVE-2024-41159 (OneNote)
    – CVE-2024-43106 (Excel)
    – CVE-2024-41165 (Word)
    – CVE-2024-41145 (Teams – WebView.app)
    – CVE-2024-41138 (Teams – modulehost.app)
– **Microsoft’s Response:**
  – Microsoft deemed these vulnerabilities low risk and did not initially intend to fix them.
  – A senior security research engineer at Talos noted that some of the applications need to load unsigned libraries to support plugins.
– **Apple’s Security Model:**
  – Apple’s security relies on a permission-based model, the Transparency, Consent, and Control (TCC) framework, which prompts the user before an application can access sensitive resources.
  – Applications must hold specific entitlements to use protected system features, which encourages transparency and user consent.
– **Exploitation Risks:**
  – An attacker could reuse the permissions already granted to an application to reach protected resources, without having to trick the user into running a separate malicious program.
  – A successful exploit would run with the application’s full set of entitlements and permissions.
– **Current Protections:**
  – Apple sandboxes applications distributed through the App Store, limiting them to the resources they have declared.
  – The hardened runtime reduces the risk of malicious libraries executing by strictly validating every library an application loads.
– **Findings on Security Weaknesses:**
  – Despite these defenses, the identified vulnerabilities remain exploitable under certain conditions.
  – Notably, some Microsoft applications carry entitlements that disable key protections such as library validation.
– **Action Taken:**
  – While Microsoft has not addressed the vulnerabilities in the Office apps, it has removed the problematic entitlements from Teams and OneNote to reduce the risk.
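As an added illustration (not code from the article, Cisco Talos, or Microsoft), a small Python audit that reads an app bundle's signed entitlements via `codesign` and flags the combination the summary describes: library validation switched off by entitlement on an app that also holds entitlements for TCC-guarded resources such as the camera and microphone. The entitlement keys are real Apple keys; the sample plist, the `assess` and `parse_entitlements` helpers, and the risk wording are this example's own.

```python
import plistlib
import subprocess

# Hardened-runtime entitlements that relax library loading. Real Apple keys;
# the one-line risk notes are this example's own wording.
LOADING_WEAKENERS = {
    "com.apple.security.cs.disable-library-validation":
        "may load libraries not signed by the app's Team ID (plugin hosts)",
    "com.apple.security.cs.allow-dyld-environment-variables":
        "honours DYLD_* variables, so a library path can be injected",
    "com.apple.security.cs.allow-unsigned-executable-memory":
        "may map unsigned executable memory",
}
# Entitlements that unlock TCC-guarded resources a hijacked app would inherit.
TCC_RESOURCES = {
    "com.apple.security.device.camera": "camera",
    "com.apple.security.device.audio-input": "microphone",
    "com.apple.security.personal-information.addressbook": "contacts",
}

# Constructed sample of `codesign -d --entitlements :- <app>` output for a
# hypothetical plugin-hosting app; not taken from any real Microsoft binary.
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>com.apple.security.cs.disable-library-validation</key><true/>
  <key>com.apple.security.device.camera</key><true/>
  <key>com.apple.security.device.audio-input</key><true/>
  <key>com.apple.security.app-sandbox</key><false/>
</dict></plist>
"""

def parse_entitlements(raw: bytes) -> dict:
    """Parse codesign output; some versions prefix the XML with a binary blob header."""
    start = raw.find(b"<?xml")
    return plistlib.loads(raw[start:]) if start >= 0 else {}

def assess(raw: bytes) -> dict:
    """Report which loading protections are off and which TCC resources are reachable."""
    ents = parse_entitlements(raw)
    weakened = {k: why for k, why in LOADING_WEAKENERS.items() if ents.get(k) is True}
    reachable = [name for k, name in TCC_RESOURCES.items() if ents.get(k) is True]
    # A hijacked library inherits permissions worth having only when both hold.
    return {"weakened": weakened, "tcc_resources": reachable,
            "high_risk": bool(weakened) and bool(reachable)}

def assess_app(app_path: str) -> dict:
    """On a real Mac: read the signed entitlements of an installed app bundle."""
    out = subprocess.run(["codesign", "-d", "--entitlements", ":-", app_path],
                         check=True, capture_output=True).stdout
    return assess(out)

if __name__ == "__main__":
    print(assess(SAMPLE_PLIST))
```

Run `assess_app("/Applications/SomeApp.app")` on a Mac to audit an installed bundle; a `high_risk` result is the pattern the article describes, and the fix is the vendor dropping the weakening entitlement rather than the user revoking TCC grants.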
This analysis emphasizes the ongoing challenge of maintaining robust security in software applications, particularly in environments that depend heavily on user permissions and third-party plugins. It serves as a reminder for security professionals to remain vigilant regarding the applications being deployed in their environments and the permissions being granted.