In April 2024, Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system.
An attacker could create an exploit to escape the App Sandbox without user interaction required for any sandboxed app using security-scoped bookmarks. With the ability to run code unrestricted on the affected device, attackers could perform further malicious actions like elevating privileges, exfiltrating data, and deploying additional payloads. Microsoft’s Threat Intelligence research demonstrates that these exploits would need to be complex, and require Office macros to be enabled, in order to successfully target the Microsoft Office app. Similar to our discovery of another sandbox escape vulnerability in 2022, Microsoft researchers uncovered this issue while researching potential methods to run and detect malicious macros in Microsoft Office on macOS.
Read more…
Source: Microsoft
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Google launches bounty program to spot misuses of Google API, Chrome, and Android user data
August 29, 2019
Google announced today a new bug bounty program through which security researchers can report cases of abuse where third-party apps are stealing or misusing Google user data. The new bounty program is named the Developer Data Protection Reward Program (DDPRP), and security researchers can report cases of potential data abuse in third-party apps that have access to ...
- Patch now: Cisco IOS XE routers exposed to rare 10/10-severity security flaw
August 29, 2019
Cisco is urging customers to install updates for a critical bug affecting its popular IOS XE operating system that powers millions of enterprise network devices around the world. The bug has a rare Common Vulnerability Scoring System (CVSS) version 3 rating of 10 out of a possible 10 and allows anyone on the internet to bypass the login ...
- Hackers mount attacks on Webmin servers, Pulse Secure, and Fortinet VPNs
August 25, 2019
To nobody’s surprise, hacker groups have started exploiting vulnerabilities that have been made public earlier this month, taking advantage of public technical details and demo exploit code to launch attacks against real-world targets. Attacks have started this week, and they’ve been seen targeting Webmin, a web-based utility for managing Linux and *NIX systems, but also enterprise ...
- AMEO ‘concerned’ about nation-state attacks on power grids
August 22, 2019
“For the energy sectors and critical infrastructure sectors, particularly around electricity, we are concerned about nation-state actors,” says Tim Daly, chief security officer (CSO) for the Australian Energy Market Operator (AEMO). “Nation-states are looking to have capability and implants that are persistent within critical organisations,” he told the Gartner Security and Risk Management Summit in Sydney ...
- Unpatchable security flaw found in popular SoC boards
August 20, 2019
Security researchers have discovered an unpatchable security flaw in a popular brand of system-on-chip (SoC) boardsmanufactured by Xilinx. The vulnerable component is Xilinx’s Zynq UltraScale+ brand, which includes system-on-chip (SoC), multi-processor system-on-chip (MPSoC), and radio frequency system-on-chip (RFSoC) products used inside automotive, aviation, consumer electronics, industrial, and military components. According to security researchers with Inverse Path — F-Secure’s hardware ...
- Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers
August 20, 2019
Following the public disclosure of a critical zero-day vulnerability in Webmin last week, the project’s maintainers today revealed that the flaw was not actually the result of a coding mistake made by the programmers. Instead, it was secretly planted by an unknown hacker who successfully managed to inject a backdoor at some point in its build ...