Cisco Talos security researchers have reported a vulnerability in Microsoft’s macOS applications.

macOS uses a file access control called Transparency, Consent, and Control (TCC) that governs the permissions apps have to access features like location services, camera, microphone, photos, and other files. Each app needs TCC permission to access these resources. Apps that don’t have these permissions can’t use the camera and other system components. However, there was an exploit that gave permissions granted to Microsoft apps to other software.

Due to vulnerabilities, attackers can bypass this restriction. For example, a hacker can become the master of software that will record audio from the microphone or take photos without any user interaction. Most applications, with the exception of Excel, have the ability to record audio, and some can even gain access to the camera.

Microsoft rates the exploit as “low risk” because it relies on loading unregistered libraries to work with persistent plugins. The company has already released updates for some of its applications, but Excel, PowerPoint, Word, and Outlook remain vulnerable.

Experts hope Apple will make changes to the OS to require users to grant additional permission when enabling additional plug-ins in apps that have already been granted permission. [9to5]






Source: Iphones RU

Previous articleIn Amsterdam, officials were banned from using Telegram due to “risk of espionage”
Next articleAnalysts have found out which services in Moscow have risen the most in price
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.

LEAVE A REPLY

Please enter your comment!
Please enter your name here