A vulnerability found in Microsoft apps for macOS allowed hackers to spy on Mac users. Security researchers from Cisco Talos reported in a blog post how the vulnerability could be exploited by attackers and what Microsoft has been doing to fix the exploits.
Hackers can use Microsoft apps to access Mac users’ cameras and microphones
Cisco Talos, a cybersecurity group specializing in malware and system prevention, shared details on how a vulnerability in apps like Microsoft Outlook and Teams could lead attackers to access a Mac’s microphone and camera without the user’s consent. The attack is based on injecting malicious libraries into Microsoft apps to gain their entitlements and user-granted permissions.
Apple’s macOS has a framework known as Transparency Consent and Control (TCC), which manages app permissions to access things like location services, camera, microphone, library photos, and other files.
Each app needs an entitlement to request…
Source 9to5mac.com