{"id":195598,"date":"2024-09-03T04:24:33","date_gmt":"2024-09-03T09:24:33","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2024\/09\/new-flaws-in-microsoft-macos-apps-could-allow-hackers-to-gain-unrestricted-access"},"modified":"2024-09-03T04:24:33","modified_gmt":"2024-09-03T09:24:33","slug":"new-flaws-in-microsoft-macos-apps-could-allow-hackers-to-gain-unrestricted-access","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2024\/09\/new-flaws-in-microsoft-macos-apps-could-allow-hackers-to-gain-unrestricted-access","title":{"rendered":"New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/new-flaws-in-microsoft-macos-apps-could-allow-hackers-to-gain-unrestricted-access.jpg\"><\/a><\/p>\n<p>Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access sensitive data by circumventing the operating system\u2019s permissions-based model, which revolves around the Transparency, Consent, and Control (<a href=\"https:\/\/thehackernews.com\/2023\/05\/microsoft-details-critical-apple-macos.html\" rel=\"noopener\" target=\"_blank\">TCC<\/a>) framework.<\/p>\n<p>\u201cIf successful, the adversary could gain any privileges already granted to the affected Microsoft applications,\u201d Cisco Talos <a href=\"https:\/\/blog.talosintelligence.com\/how-multiple-vulnerabilities-in-microsoft-apps-for-macos-pave-the-way-to-stealing-permissions\/\" rel=\"noopener\" target=\"_blank\">said<\/a>. \u201cFor example, the attacker could send emails from the user account without the user noticing, record audio clips, take pictures, or record videos without any user interaction.\u201d<\/p>\n<p>The shortcomings span various applications such as Outlook, Teams, Word, Excel PowerPoint, and OneNote.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access sensitive data by circumventing the operating system\u2019s permissions-based model, which revolves around the Transparency, Consent, and Control (TCC) framework. \u201cIf successful, the adversary could gain any privileges already granted to the affected Microsoft applications,\u201d [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1523],"tags":[],"class_list":["post-195598","post","type-post","status-publish","format-standard","hentry","category-computing"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/195598","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=195598"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/195598\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=195598"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=195598"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=195598"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}