In April 2024, Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system.
An attacker could create an exploit to escape the App Sandbox without user interaction required for any sandboxed app using security-scoped bookmarks. With the ability to run code unrestricted on the affected device, attackers could perform further malicious actions like elevating privileges, exfiltrating data, and deploying additional payloads. Microsoft’s Threat Intelligence research demonstrates that these exploits would need to be complex, and require Office macros to be enabled, in order to successfully target the Microsoft Office app. Similar to our discovery of another sandbox escape vulnerability in 2022, Microsoft researchers uncovered this issue while researching potential methods to run and detect malicious macros in Microsoft Office on macOS.
Read more…
Source: Microsoft
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- CISA Adds Two Known Exploited Vulnerabilities to Catalog
June 5, 2023
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-33009 Zyxel Multiple Firewalls Buffer Overflow Vulnerability Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft
June 2, 2023
Mandiant has observed wide exploitation of a zero-day vulnerability in the MOVEit Transfer secure managed file transfer software for subsequent data theft. This vulnerability was announced by Progress Software Corporation on May 31, 2023 and has been assigned CVE-2023-34362. Based on initial analysis from Mandiant incident response engagements, the earliest evidence of exploitation occurred on May ...
- Google entices bug bounty hunters with big offer
June 2, 2023
For 13 years, a key pillar of the Chrome Security ecosystem has included encouraging security researchers to find security vulnerabilities in Chrome browser and report them to us, through the Chrome Vulnerability Rewards Program. Starting today and until 1 December 2023, the first security bug report we receive with a functional full chain exploit, resulting in ...
- Progress Software Releases Security Advisory for MOVEit Transfer
June 1, 2023
Progress Software has released a security advisory for a SQL injection vulnerability (CVE-2023-34362) in MOVEit Transfer—a Managed File Transfer Software. A cyber threat actor could exploit this vulnerability to take over an affected system. CISA urgers users and organizations to review the MOVEit Transfer Advisory. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- Warning issued over ‘widespread’ exploitation of Zyxel NAS devices
June 1, 2023
Security researchers at two companies have issued warnings over ‘widespread’ exploitation of Zyxel network devices. Researchers at Rapid7 raised the alarm over the ongoing exploitation of a critical authenticated command injection vulnerability, tracked as CVE-2023-28771, that was found to affect multiple Zyxel devices. Read more… Source: ITPro
- Operation Triangulation: iOS devices targeted with previously unknown malware
June 1, 2023
While monitoring its own corporate Wi-Fi network dedicated for mobile devices using the Kaspersky Unified Monitoring and Analysis Platform (KUMA), Kaspersky researchers noticed suspicious activity that originated from several iOS-based phones. Since it is impossible to inspect modern iOS devices from the inside, researchers created offline backups of the devices in question, inspected them using the ...