In April 2024, Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system.
An attacker could create an exploit to escape the App Sandbox without user interaction required for any sandboxed app using security-scoped bookmarks. With the ability to run code unrestricted on the affected device, attackers could perform further malicious actions like elevating privileges, exfiltrating data, and deploying additional payloads. Microsoft’s Threat Intelligence research demonstrates that these exploits would need to be complex, and require Office macros to be enabled, in order to successfully target the Microsoft Office app. Similar to our discovery of another sandbox escape vulnerability in 2022, Microsoft researchers uncovered this issue while researching potential methods to run and detect malicious macros in Microsoft Office on macOS.
Read more…
Source: Microsoft
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Critical Microsoft Hyper-V bug could haunt orgs for a long time
July 28, 2021
Technical details are now available for a vulnerability that affects Hyper-V, Microsoft’s native hypervisor for creating virtual machines on Windows systems and in the Azure cloud computing environment. Currently tracked as CVE-2021-28476, the security issue has a critical severity score of 9.9 out of 10. Exploiting it on unpatched machines can have a devastating impact as ...
- Threat Actors Exploit Misconfigured Apache Hadoop YARN
July 27, 2021
The misconfiguration and resulting exposure of cloud services is one of the most prevalent risks in the Linux threat landscape. We previously analyzed incidents related to this security concern, such as an exposed Docker API being abused by threat actors in the wild and exposed Redis instances that threat actors actively search. This blog post will ...
- Google announces new bug bounty platform
July 27, 2021
Google announced a new bug bounty platform as it celebrated the 10-year anniversary of its Vulnerability Rewards Program (VRP). The program led to a total of 11,055 bugs found, 2,022 rewarded researchers and nearly $30 million in total rewards. Jan Keller, technical program manager for Google’s VRP, said that in honor of the program, they are ...
- Researchers warn of unpatched Kaseya Unitrends backup vulnerabilities
July 26, 2021
Security researchers warn of three new zero-day vulnerabilities in the Kaseya Unitrends service and advise users not to expose the service to the Internet. Kaseya Unitrends is a cloud-based enterprise backup and disaster recovery solution that is offered as a stand-alone solution or as an add-on for the Kaseya VSA remote management platform. Read more… Source: Bleeping Computer
- Apple fixes zero-day affecting iPhones and Macs, exploited in the wild
July 26, 2021
Apple has released security updates to address a zero-day vulnerability exploited in the wild and impacting iPhones, iPads, and Macs. The vulnerability, tracked as CVE-2021-30807, is a memory corruption issue in the IOMobileFramebuffer kernel extension reported by an anonymous researcher. Read more… Source: Bleeping Computer
- Fortinet fixes bug letting unauthenticated hackers run code as root
July 20, 2021
Fortinet has released updates for its FortiManager and FortiAnalyzer network management solutions to fix a serious vulnerability that could be exploited to execute arbitrary code with the highest privileges. Both FortiManager and FortiAnalyzer are enterprise-grade network management solutions for environments with up to 100,000 devices. They are available as a physical appliance, as a virtual machine, ...