Several Microsoft 365 apps are at serious risk of compromising macOS devices, according to Cisco Talos

The cybersecurity expert discovered 8 vulnerabilities.

News

Reading time icon 2 min. read

Calendar icon Published on

by Milan Stanojevic 

published on

Share this article

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more

microsoft cisco talos

A recent discovery by Cisco Talos has spotlighted a somewhat unsettling reality for users of Microsoft’s macOS applications. Eight vulnerabilities across various Microsoft 365 apps have been identified, potentially allowing hackers to bypass macOS’s permission model.

This means that a hacker could send emails, record audio, or even take pictures and videos without any additional verification from the user. The vulnerabilities affect popular applications such as Microsoft Outlook, Teams, PowerPoint, OneNote, Excel, and Word.

TALOS-2024-1972CVE-2024-42220Microsoft Outlook
TALOS-2024-1973CVE-2024-42004Microsoft Teams (work or school)
TALOS-2024-1974CVE-2024-39804Microsoft PowerPoint
TALOS-2024-1975CVE-2024-41159Microsoft OneNote
TALOS-2024-1976CVE-2024-43106Microsoft Excel
TALOS-2024-1977CVE-2024-41165Microsoft Word
TALOS-2024-1990CVE-2024-41145Microsoft Teams (work or school) WebView.app helper app
TALOS-2024-1991CVE-2024-41138Microsoft Teams (work or school) com.microsoft.teams2.modulehost.app

These vulnerabilities stem from a technique known as code injection. In this technique, malicious code is sneaked into legitimate processes, allowing access to protected resources. MacOS has defences, like the Hardened Runtime feature, designed to prevent such code injection. However, Microsoft’s macOS applications enable a setting that bypasses this protection, leading to these vulnerabilities.

Microsoft’s response to these findings was somewhat underwhelming. They acknowledged the issues but deemed them low risk, citing the need for their apps to load unsigned libraries to support plugins. They’ve fixed the vulnerabilities for some apps but left others, like Excel, Outlook, PowerPoint, and Word, vulnerable.

This isn’t the first time Cisco Talos has apprehended vulnerabilities in the Microsoft 365 environment. Earlier this year, the cybersecurity expert found malware in the form of Microsoft installers spreading in Google Cloud Run.

This situation leaves users in a bit of a pickle. While Microsoft prioritizes plugin functionality over security for certain apps, it exposes users to significant risks. The balance between functionality and security is tricky, and it’s unclear how Apple will address these vulnerabilities on its platform.

If you use Microsoft’s macOS applications, you could be at risk. The vulnerabilities could allow bad actors to exploit the permissions granted to these apps, doing things on your behalf without your knowledge.

More about the topics: macos, Microsoft 365

Milan Stanojevic

Milan Stanojevic Shield

Windows Toubleshooting Expert

Milan has been enthusiastic about technology ever since his childhood days, and this led him to take interest in all PC-related technologies. He's a PC enthusiast and he spends most of his time learning about computers and technology. Before joining WindowsReport, he worked as a front-end web developer. Now, he's one of the Troubleshooting experts in our worldwide team, specializing in Windows errors & software issues.

User forum

0 messages