In April 2024, Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system.
An attacker could create an exploit to escape the App Sandbox without user interaction required for any sandboxed app using security-scoped bookmarks. With the ability to run code unrestricted on the affected device, attackers could perform further malicious actions like elevating privileges, exfiltrating data, and deploying additional payloads. Microsoft’s Threat Intelligence research demonstrates that these exploits would need to be complex, and require Office macros to be enabled, in order to successfully target the Microsoft Office app. Similar to our discovery of another sandbox escape vulnerability in 2022, Microsoft researchers uncovered this issue while researching potential methods to run and detect malicious macros in Microsoft Office on macOS.
Read more…
Source: Microsoft
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Operation Earth Kitsune, Tracking SLUB’s Current Operations
October 19, 2020
Trend Micro have already published findings on the SLUB malware’s past campaigns. In our latest research paper, we uncovered a recent watering hole campaign that involves a new variant of the malware. The threat, which we dubbed as such due to its abuse of Slack and GitHub in previous versions, has not abused either of ...
- Three npm packages found opening shells on Linux, Windows systems
October 19, 2020
Three JavaScript packages have been removed from the npm portal on Thursday for containing malicious code. According to advisories from the npm security team, the three JavaScript libraries opened shells on the computers of developers who imported the packages into their projects. The shells, a technical term used by cyber-security researchers, allowed threat actors to connect remotely ...
- Ryuk Ransomware Gang Uses Zerologon Bug for Lightning-Fast Attack
October 19, 2020
The Ryuk threat actors have struck again, moving from sending a phishing email to complete encryption across the victim’s network in just five hours. That breakneck speed is partially the result of the gang using the Zerologon privilege-escalation bug (CVE-2020-1472), less than two hours after the initial phish, researchers said. The Zerologon vulnerability allows an unauthenticated attacker ...
- Bug bounty reporter cashes out on someone else’s exploit
October 19, 2020
Bug bounty programs have gained increased momentum and interest from the security research community for their role in promoting security awareness and responsible vulnerability disclosure. But they are not without their fair share of problems. Bug bounty platforms fill a genuine need. They help companies solicit vulnerability reports in their products from pen-testers and researchers in ...
- 800,000 SonicWall VPNs vulnerable to new remote code execution bug
October 16, 2020
Almost 800,000 internet-accessible SonicWall VPN appliances will need to be updated and patched for a major new vulnerability that was disclosed on Wednesday. Discovered by the Tripwire VERT security team, CVE-2020-5135 impacts SonicOS, the operating system running on SonicWall Network Security Appliance (NSA) devices. SonicWall NSAs are used as firewalls and SSL VPN portals to filter, control, ...
- Microsoft Addresses Windows TCP/IP RCE/DoS Vulnerability
October 14, 2020
Microsoft has released a security update to address a protocol vulnerability—CVE-2020-16898—in Windows Transmission Control Protocol (TCP)/IP stack handling of Internet Control Message Protocol version 6 (ICMPv6) Router Advertisement packets. A remote attacker could exploit this vulnerability to take control of an affected system or cause a denial-of-service condition. The Cybersecurity and Infrastructure Security Agency (CISA) encourages ...