Microsoft Office Exploit Used to Hack macOS Devices, Fix Released

Apple and Microsoft have fixed the flaw in macOS 10.15.3 and the latest version of Office on Mac, respectively.

Share on Facebook Tweet Snapchat Share Reddit Comment
Microsoft Office Exploit Used to Hack macOS Devices, Fix Released

Researcher used the age-old SLK format to perform the exploit

Highlights
  • Microsoft Office SLK format is used to sidestep the macOS security system
  • Former NSA hacker Patrick Wardle was able to discover this exploit
  • Apple has offered no response to Wardle’s reports of the new flaw

macOS security researcher and former NSA hacker Patrick Wardle has discovered a new vulnerability that would have allowed a hacker to take control of a Mac device by using a simple Microsoft Office file. The researcher discovered that hackers could easily misuse the ‘macro' feature in Microsoft Office to take control of devices. Microsoft Office apps allow users to automate tasks with custom commands using the ‘macro' feature. While hacks exploiting Office features on Windows devices have been reported earlier, this is said to be the first time that a researcher has demonstrated a macro-enabled exploit working on macOS as well. The exploit has now been patched.

In a blog post, the security researcher explained using several breaches and bugs that were present in Microsoft Office to inject the malicious code on macOS devices. The researcher created a file in the age-old ‘SLK' format to sidestep the macOS security system. The researcher also created a file whose name started with the ‘$' character. This particular file with the malicious code was able to break the Microsoft Office sandbox and enable the researcher to access the macOS device. Wardle even published a video showing off how the malicious code was used to open the Calculator app through Microsoft Excel. The searcher says that this exploit could be used to access other things as well.

For the exploit to work, the ‘macro' feature has to be enabled by the user for its Microsoft Office apps. The researcher points that Microsoft Office asks users if they really want to enable the ‘automated task' feature, and users who don't look at system alerts and just click on any option to rush through dialog boxes, are often more prone to harm than others. “Humans are impatient, exploits don't have to be,” the researcher told Vice.

While Apple did not respond to Wardle's report of the newly discovered flaw, a Microsoft spokesperson told the publication, “The company has investigated and determined that any application, even when sandboxed, is vulnerable to misuse of these APIs. We are in regular discussion with Apple to identify solutions to these issues and support as needed.” Furthermore, Apple and Microsoft have fixed the flaw in macOS 10.15.3 and the latest version of Microsoft Office on Mac, respectively.


WWDC 2020 had a lot of exciting announcements from Apple, but which are the best iOS 14 features for India? We discussed this on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts, Google Podcasts, or RSS, download the episode, or just hit the play button below.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Further reading: Apple, Microsoft, Microsoft Office, macOS
Tasneem Akolawala Tasneem Akolawala is a Senior Reporter for Gadgets 360. Her reporting expertise encompasses smartphones, wearables, apps, social media, and the overall tech industry. She reports out of Mumbai, and also writes about the ups and downs in the Indian telecom sector. Tasneem can be reached on Twitter at @MuteRiot, and leads, tips, and releases can be sent to tasneema@ndtv.com. More
Canon Hit by Maze Ransomware Attack, Image.Canon Service Down: Report
Oppo A52 8GB RAM Variant Launched in India as a Part of Amazon Prime Day 2020 Sale

Related Stories

 
 

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2020. All rights reserved.
Listen to the latest songs, only on JioSaavn.com