According to cybersecurity experts at Cisco Talos, Microsoft applications for macOS recently had vulnerabilities that allowed hackers to potentially spy on Mac users. These flaws enabled attackers to bypass Apple’s robust security measures and exploit permissions granted to Microsoft apps without the user’s knowledge, raising significant privacy concerns.

The issue centers around macOS’s permission system, known as Transparency, Consent, and Control (TCC). The system is designed to protect users by requiring explicit consent before apps can access sensitive data like your camera, microphone, or contacts. Normally, if an app wants to use your camera, for example, macOS will prompt you to either approve or deny the request.

However, Cisco Talos found that eight Microsoft apps, including Outlook, Teams, Word and Excel, had vulnerabilities that could be exploited by hackers. These vulnerabilities allowed attackers to bypass the TCC system. This means that hackers could use the permissions already granted to these apps to spy on users, send emails or even record videos – all without the user knowing.

How does this affect users?

Imagine you’ve allowed Microsoft Teams to use your camera for a video call. With this vulnerability, a hacker can secretly access your camera through Teams, record you, and you won’t even be aware of it. The same can happen with your microphone, allowing someone to listen in on your conversation.
The main problem lay in the way these Microsoft apps were configured. They included a setting called “disable-library-validation,” which is usually intended to allow plugins to load. Unfortunately, this setting made it easy for hackers to insert malicious code into these apps, effectively taking control of them and gaining access to all of the app’s permissions.

What did Microsoft do?

Microsoft was informed about these vulnerabilities by Cisco Talos. However, the tech giant considered these issues to be low-risk and has not yet fixed them. Microsoft argued that some of these permissions are required for their apps to work properly with plugins, so they decided not to patch the vulnerabilities.

What should users do?

While the risk may seem low, it’s important for Mac users to be vigilant. Make sure your macOS is up to date and monitor the permissions you grant to your apps. If you don’t need certain features, consider revoking access through the Privacy and Security settings on your Mac.
By being vigilant you can protect your privacy, even if the apps you use have vulnerabilities.