According to a report from Cisco Talos, six popular Microsoft applications for Mac have security vulnerabilities that could allow an attacker to “gain all privileges already granted to the affected Microsoft applications.”
The affected applications are Microsoft Excel, OneNote, Outlook, PowerPoint, Teams, and Word. Microsoft implements a right that disables the macOS Hardened Runtime Environment, which provides protection against dynamically linked library hacks. This could allow an attacker to install malware in Microsoft applications.
According to Cisco Talos, “the attacker could send emails from the user’s account without the user’s knowledge, record audio clips, take photos, or record videos without any user interaction.” The security firm said that “Microsoft considers these issues to be low risk” and that the company “has declined to address them.”
Microsoft has updated Teams and OneNote to fix the permission issue, but other apps still have the vulnerability.
How to protect yourself from hackers
Microsoft doesn’t seem to be willing to prioritize fixing this issue, so users should be diligent. Don’t let strangers access your Mac, and don’t plug in suspicious devices like USB drives. Check for software updates, as they may include security fixes. If you purchased Microsoft Office through the App Store, you can check for updates there.
Apple has built protections into macOS, and the company releases security fixes through operating system updates, so it’s important to install them as soon as they’re available. If Apple pulls an update, the company will re-release it as soon as it’s been properly revised with fixes.
igamesnews has several guides to help you, including a guide on whether or not you need antivirus software, a list of viruses, malware, and Trojans for Mac, and a comparison of Mac security software.
