In April 2024, Microsoft uncovered a vulnerability in macOS that could allow specially crafted codes to escape the App Sandbox and run unrestricted on the system.
An attacker could create an exploit to escape the App Sandbox without user interaction required for any sandboxed app using security-scoped bookmarks. With the ability to run code unrestricted on the affected device, attackers could perform further malicious actions like elevating privileges, exfiltrating data, and deploying additional payloads. Microsoft’s Threat Intelligence research demonstrates that these exploits would need to be complex, and require Office macros to be enabled, in order to successfully target the Microsoft Office app. Similar to our discovery of another sandbox escape vulnerability in 2022, Microsoft researchers uncovered this issue while researching potential methods to run and detect malicious macros in Microsoft Office on macOS.
Read more…
Source: Microsoft
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- UK’s NCSC Explains How They Handle Discovered Vulnerabilities
December 1, 2018
When the United Kingdom’s National Cyber Security Center (NCSC) performs operational tasks, they may find vulnerabilities in software, hardware, websites, or critical infrastructure. When they find these vulnerabilities, they go through a review process called the “Equities Process” that determines if they are going to disclose the vulnerability so that it is fixed or if ...
- Backdoor in Popular JavaScript Library Set to Steal Cryptocurrency
November 27, 2018
A JavaScript library that scores over two million downloads every week has been injected with malicious code for stealing coins from a cryptocurrency wallet. The affected package is Event-Stream, built to simplify working with Node.js streaming modules and it is available through the npmjs.com repository. Although the malicious code was discovered last week, researchers were able to determine ...
- Old Printer Vulnerabilities Die Hard
November 23, 2018
New research on an old problem reveals despite efforts, the InfoSec professionals still have a way to go when it comes to securing printers. Despite copious warnings and efforts by the security community to harden the defenses of printers, they continue to represent a ripe target for attackers. Just this past summer researchers at Check Point found ...
- Almost 50 Percent of 2018 Vulnerabilities Can Be Exploited Remotely
November 20, 2018
Approximately half of all vulnerabilities disclosed during 2018 come with a remote attack vector while only 13% of them require local access according to Risk Based Security’s 2018 Q3 Vulnerability Quick View Report. As reported by Risk Based Security, 16,172 vulnerabilities were published by their VulnDB team until the end of Q3 2018, with a 7% decrease when ...
- 0-Days Found in iPhone X, Samsung Galaxy S9, Xiaomi Mi6 Phones
November 15, 2018
At Pwn2Own 2018 mobile hacking competition held in Tokyo on November 13-14, white hat hackers once again demonstrated that even the fully patched smartphones running the latest version of software from popular smartphone manufacturers can be hacked. Three major flagship smartphones—iPhone X, Samsung Galaxy S9, and Xiaomi Mi6—were among the devices that successfully got hacked at ...
- Siemens Patches Firewall Flaw That Put Operations at Risk
November 14, 2018
The industrial company on Tuesday released mitigations for eight vulnerabilities overall. Siemens AG on Tuesday issued a slew of fixes addressing eight vulnerabilities spanning its industrial product lines. The most serious of the patched flaws include a cross-site scripting vulnerability in Siemens’ SCALANCE firewall product. The flaw could allow an attacker to gain unauthorized access to ...