Are you using Microsoft apps on a Mac device? If so, you should be aware that a new vulnerability has been discovered which could give hackers access to your camera and microphone without your consent.
The threat has been discovered by the security threat intelligence firm Cisco Talos. The company has found eight individual vulnerabilities in Microsoft apps running on macOS that could cause significant problems for your cybersecurity defences.
What is the problem?
In some circumstances, malicious code is being injected into Microsoft apps to override user entitlements and access permissions. This gives hackers access to resources such as cameras, microphones, screen recordings, folders, and user inputs, which they can use to steal sensitive information or spy on user behaviour.
Right now, Microsoft is classing the issue as “low risk”, but we believe that it’s something that all Mac users should be aware of. Remaining on high alert to any known threats is essential to maintaining your security defences.
What apps are affected?
The problem is primarily focused on Microsoft’s most popular apps.
The complete list of affected apps is:
- Microsoft Outlook: CVE-2024-42220
- Microsoft Teams (work or school): CVE-2024-42004
- Microsoft PowerPoint: CVE-2024-39804
- Microsoft OneNote: CVE-2024-41159
- Microsoft Excel: CVE-2024-43106
- Microsoft Word: CVE-2024-41165
- Microsoft Teams (work or school): CVE-2024-41145
- Microsoft Teams (work or school): CVE-2024-41138
Currently, Microsoft has created a patch for Teams and OneNote.
However, Outlook, Excel, Word and PowerPoint remain vulnerable.
How has the problem emerged?
Apple has a strict multi-layered security system for third-party apps and plugins.
As standard, any app will have restricted access to any assets. Users should always have to provide consent for apps to be able to access resources or data such as contacts, calendars, photos and more.
Apple’s model of Transparency, Consent and Control (TCC) should mean that every app only ever has access to the minimum resources that it needs to function. If an app requires access to sensitive or confidential information (such as contacts, calendars, cameras, photos, etc.), a pop-up window should usually appear. This asks users to grant specific permission and verify the legitimacy of the request.
However, with this specific vulnerability, the malicious code is overriding these safeguards.
This could potentially be a significant problem, as hackers could gain access to those additional resources without the pop-up window requesting access ever appearing. This means that a hacker could potentially hijack your system without you being aware that there is anything amiss.
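One way to check an installed app for this exposure, as an added example that is not from the original article or from Cisco Talos: code loaded into an app runs with that app's entitlements and the permissions already granted to it, so the audit flags apps that both switch off library validation and hold camera, microphone or personal-data entitlements. The entitlement keys are real macOS keys that the article does not name, the function names are hypothetical, and the sample plist is constructed.

```python
import plistlib
import subprocess

# Real macOS entitlement keys; the article itself does not name them.
# Library validation limits an app to libraries signed by Apple or its own team.
DISABLE_LIBRARY_VALIDATION = "com.apple.security.cs.disable-library-validation"
SENSITIVE = {
    "com.apple.security.device.camera": "camera",
    "com.apple.security.device.audio-input": "microphone",
    "com.apple.security.device.microphone": "microphone",
    "com.apple.security.personal-information.addressbook": "contacts",
    "com.apple.security.personal-information.calendars": "calendars",
    "com.apple.security.personal-information.photos-library": "photos",
}

def audit_entitlements(plist_bytes):
    """Return (loads_foreign_libraries, sorted resource names) for one app."""
    data = plist_bytes.strip()
    if not data:                      # app signed without any entitlements
        return False, []
    ents = plistlib.loads(data)
    # Only a value of true enables an entitlement; a present-but-false key does not.
    enabled = {k for k, v in ents.items() if v is True}
    resources = sorted({SENSITIVE[k] for k in enabled if k in SENSITIVE})
    return DISABLE_LIBRARY_VALIDATION in enabled, resources

def read_entitlements(app_path):
    """Dump an installed app's entitlements as XML (macOS only)."""
    out = subprocess.run(
        ["codesign", "-d", "--entitlements", "-", "--xml", app_path],
        capture_output=True, check=True)
    return out.stdout

# Constructed sample, not copied from any real Microsoft app.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>com.apple.security.cs.disable-library-validation</key><true/>
  <key>com.apple.security.device.camera</key><true/>
  <key>com.apple.security.device.audio-input</key><true/>
  <key>com.apple.security.personal-information.calendars</key><false/>
</dict></plist>"""

if __name__ == "__main__":
    foreign, resources = audit_entitlements(SAMPLE)
    if foreign and resources:
        print("review: loads third-party libraries and can hold:", ", ".join(resources))
```

On a Mac, pass the output of `read_entitlements` for each app bundle under `/Applications` to `audit_entitlements`; an app reported as `(True, [...])` with a non-empty list is one to prioritise for updates and for a review of its grants under Privacy & Security.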
What can you do to protect yourself from this threat?
Right now, Microsoft is considering this to be a low risk. They have added patch updates to some of the affected apps, but not all of them.
If you are worried about what this could mean for you, please pick up the phone and call us or log a ticket through our ticket log. Our team of experienced engineers can examine your macOS device and confirm if your Microsoft apps are protected.
We will double-check and reconfirm any security settings, making sure that your system remains resilient to threats and potential risks.
Our message for any business in Suffolk, Norfolk or Essex is to make sure that you are continuously proactive when it comes to potential cyberbreaches. We would much rather you contact us with any minor suspicion than run the risk of hackers gaining access to your system.
As we always say, prevention is better than cure!
The original report findings from Cisco Talos can be downloaded from their website.