Microsoft uncovered exploit for macOS sandbox escape bug
Microsoft claims that the vulnerability could allow specially crafted code to run unrestricted on Apple’s operating system.
The bug, identified as CVE-2022-26706, could allow threat actors to bypass App Sandbox restrictions. App Sandbox is Apple’s access control feature that developers must adopt to distribute their apps via the Mac App Store.
According to researchers at Microsoft, attackers could abuse the exploit to gain elevated privileges on the affected device or execute malicious commands.
The bug was discovered while Microsoft’s researchers were exploring potential ways to run and detect malicious macros in Microsoft Office running on macOS.
App Sandbox restrictions could be bypassed using a specially crafted Word macro. Microsoft noted that the access point is particularly important as threat actors prefer using macros to deploy malware on Windows OS devices.
“Our findings revealed that it was possible to escape the sandbox by leveraging macOS’s Launch Services to run an open --stdin command on a specially crafted Python file with the said prefix,” said Microsoft’s blog post.
The company’s researchers created a proof-of-concept bypassing a rule that prevents macOS from running files with the ‘com.apple.quarantine’ extended attribute.
“However, --stdin bypassed the ‘com.apple.quarantine’ extended attribute restriction, as there was no way for Python to know that the contents from its standard input originated from a quarantined file,” reads the blog post.
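A defender-side check for the behaviour described above, added here as an example and not taken from Microsoft's blog post: it scans process-execution events for `open` launched with `--stdin` by a sandboxed Office app. The event field names, the watched bundle IDs and the sample events are assumptions constructed for illustration.

```python
import json
import os

# Sandboxed Office apps to watch (assumed scope for this example).
WATCHED_PARENTS = {"com.microsoft.Word", "com.microsoft.Excel", "com.microsoft.Powerpoint"}

# Constructed process-execution events, one JSON object per line.
# Field names (pid, parent_bundle_id, path, argv) are hypothetical.
SAMPLE_EVENTS = [
    '{"pid": 501, "parent_bundle_id": "com.microsoft.Word", "path": "/usr/bin/open",'
    ' "argv": ["open", "--stdin", "/Users/example/Documents/constructed_input.py"]}',
    '{"pid": 502, "parent_bundle_id": "com.microsoft.Word", "path": "/usr/bin/open",'
    ' "argv": ["open", "/Users/example/Documents/report.docx"]}',
    '{"pid": 503, "parent_bundle_id": "com.apple.Terminal", "path": "/usr/bin/open",'
    ' "argv": ["open", "--stdin", "/Users/example/notes.txt"]}',
    '{"pid": 504, "parent_bundle_id": "com.microsoft.Word", "path"',  # truncated record
]

def stdin_target(argv):
    """Return the path that follows open's --stdin option, or None if absent."""
    for i, arg in enumerate(argv):
        if arg == "--stdin":
            # An empty string marks --stdin given without a path.
            return argv[i + 1] if i + 1 < len(argv) else ""
    return None

def find_stdin_launches(lines):
    """Flag `open --stdin` executions whose parent is a watched Office app."""
    findings = []
    for line in lines:
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed or truncated records
        if not isinstance(event, dict):
            continue
        if os.path.basename(event.get("path", "")) != "open":
            continue
        target = stdin_target(event.get("argv") or [])
        parent = event.get("parent_bundle_id")
        if target is None or parent not in WATCHED_PARENTS:
            continue
        findings.append({"pid": event.get("pid"), "parent": parent, "stdin_path": target})
    return findings

if __name__ == "__main__":
    for finding in find_stdin_launches(SAMPLE_EVENTS):
        print(finding)
```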