In April 2024, Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system.
An attacker could create an exploit to escape the App Sandbox without user interaction required for any sandboxed app using security-scoped bookmarks. With the ability to run code unrestricted on the affected device, attackers could perform further malicious actions like elevating privileges, exfiltrating data, and deploying additional payloads. Microsoft’s Threat Intelligence research demonstrates that these exploits would need to be complex, and require Office macros to be enabled, in order to successfully target the Microsoft Office app. Similar to our discovery of another sandbox escape vulnerability in 2022, Microsoft researchers uncovered this issue while researching potential methods to run and detect malicious macros in Microsoft Office on macOS.
Read more…
Source: Microsoft
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- GoAnywhere MFT zero-day vulnerability lets hackers breach servers
February 3, 2023
The developers of the GoAnywhere MFT file transfer solution are warning customers of zero-day remote code execution vulnerability on exposed administrator consoles. GoAnywhere is a secure web file transfer solution that allows companies to securely transfer encrypted files with their partners while keeping detailed audit logs of who accessed the files. Read more… Source: Bleeping Computer
- CISA Releases Six Industrial Control Systems Advisories
February 2, 2023
CISA released six Industrial Control Systems (ICS) advisories on February 2, 2023.These advisories provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations: ICSA-23-033-01 Delta Electronics DIAScreen ICSA-23-033-02 Mitsubishi Electric GOT2000 Series and GT SoftGOT2000 ICSA-23-033-03 Baicells Nova Read more… Source: U.S. ...
- New Sh1mmer ChromeBook exploit unenrolls managed devices
January 31, 2023
A new exploit called ‘Sh1mmer’ allows users to unenroll an enterprise-managed Chromebook, enabling them to install any apps they wish and bypass device restrictions. When Chromebooks are enrolled with a school or an enterprise, they are managed by policies established by the organization’s administrators. This allows admins to force-install browser extensions, apps, and to restrict how ...
- CISA Releases One Industrial Control Systems Advisory
January 31, 2023
CISA released one Industrial Control Systems (ICS) advisory on January 31, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- Exploit released for critical VMware vRealize RCE vulnerability
January 31, 2023
Horizon3 security researchers have released proof-of-concept (PoC) code for a VMware vRealize Log Insight vulnerability chain that allows attackers to gain remote code execution on unpatched appliances. VMware patched four security vulnerabilities in its vRealize log analysis tool last week, two being critical and allowing remote attackers to execute code on compromised devices. Read more… Source: Bleeping Computer
- ISC Releases Security Advisories for Multiple Versions of BIND 9
January 27, 2023
The Internet Systems Consortium (ISC) has released security advisories that address vulnerabilities affecting multiple versions of the ISC’s Berkeley Internet Name Domain (BIND) 9. A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions and system failures. Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency