Researchers at Cisco Talos have discovered a vulnerability in Microsoft’s macOS apps that could allow attackers to spy on Apple computer users by accessing their cameras and microphones. He says On the Talos Intelligence blog.
Cisco Talos has identified a vulnerability in Microsoft applications such as Microsoft Outlook and Teams that could allow hackers to spy on Mac users without the user’s knowledge. The attack relies on the incorporation of malicious libraries into Microsoft applications, allowing them to use rights and permissions previously granted by the user.
macOS has a Transparency Consent and Control (TCC) framework that governs app permissions to access your camera and microphone. Every app must request permission from the TCC, but the discovered vulnerability allows malware to use permissions already granted to Microsoft apps without needing to grant additional permissions.
Following the discovery of the vulnerability, Microsoft updated Teams and OneNote for macOS to change how they handle library review permissions. However, Excel, PowerPoint, Word, and Outlook apps are still vulnerable. Microsoft has classified the vulnerability as “low risk” because they rely on loading unsigned libraries to support third-party add-ins.
Experts have expressed their concerns about this issue and hope that Apple will make changes to the TCC to improve system security.
Previously reportedHe said Apple will introduce new AirPods for the first time in three years.
What are you thinking?
Source: Gazeta
Jackson Ruhl is a tech and sci-fi expert, who writes for “Social Bites”. He brings his readers the latest news and developments from the world of technology and science fiction.