In April 2024, Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system.
An attacker could create an exploit to escape the App Sandbox without user interaction required for any sandboxed app using security-scoped bookmarks. With the ability to run code unrestricted on the affected device, attackers could perform further malicious actions like elevating privileges, exfiltrating data, and deploying additional payloads. Microsoft’s Threat Intelligence research demonstrates that these exploits would need to be complex, and require Office macros to be enabled, in order to successfully target the Microsoft Office app. Similar to our discovery of another sandbox escape vulnerability in 2022, Microsoft researchers uncovered this issue while researching potential methods to run and detect malicious macros in Microsoft Office on macOS.
Read more…
Source: Microsoft
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Google says nearly $9 million given out in 2021 vulnerability rewards
February 11, 2022
Google announced this week that its Vulnerability Reward Programs doled out $8,700,000 for vulnerability rewards in 2021. Researchers donated $300,000 of their rewards to a charity of their choice, according to a blog from Sarah Jacobus of Google’s Vulnerability Rewards Team. For Android vulnerabilities, payouts doubled compared to 2020, with almost $3 million being rewarded to researchers ...
- Apple patches new zero-day exploited to hack iPhones, iPads, Macs
February 11, 2022
Apple has released security updates to fix a new zero-day vulnerability exploited in the wild by attackers to hack iPhones, iPads, and Macs. The zero-day patched today is tracked as CVE-2022-22620 and is a WebKit Use After Free issue that could lead to OS crashes and code execution on compromised devices. Successful exploitation of this ...
- Microsoft manages a mere 51 security fixes for February update bundle
February 9, 2022
Microsoft for its February Patch Tuesday gave Windows admins just 51 fixes to apply, the smallest number of patches since the meager ration of 44 in August 2021. February tends to be a slow month for repairs because bugs left untended over the winter holidays often get dealt with in January, leaving not all that much ...
- Critical Vulnerabilities Affecting SAP Applications Employing Internet Communication Manager (ICM)
February 8, 2022
On February 8, 2022, SAP released security updates to address vulnerabilities affecting multiple products, including critical vulnerabilities affecting SAP applications using SAP Internet Communication Manager (ICM). SAP applications help organizations manage critical business processes—such as enterprise resource planning, product lifecycle management, customer relationship management, and supply chain management. Impacted organizations could experience: theft of sensitive data, financial ...
- Open-source Kubernetes tool Argo CD has a high-severity path traversal flaw: Patch now
February 4, 2022
A zero-day vulnerability in open-source Kubernetes development tool Argo lets malicious people steal passwords from git-crypt and other sensitive information by simply uploading a crafted Helm chart. Charts are the actual packaging format of ubiquitous tool-for-managing-Kubernetes applications Helm. The vuln, tracked as CVE-2022-24438, exists in Argo CD, a widely used open-source continuous delivery tool for Kubernetes. Patched ...
- Operation EmailThief: Zero-day XSS vulnerability in Zimbra email platform revealed
February 4, 2022
Researchers have uncovered an active campaign exploiting a zero-day vulnerability in the Zimbra email platform. Zimbra is an email platform available under an open source license. According to the developer, the platform supports hundreds of millions of mailboxes located in 140 countries. On February 3, cybersecurity researchers from Volexity, Steven Adair and Thomas Lancaster, said the system ...