Advertisement

Updated August 13th, 2020 at 11:00 IST

MS Office exploits used to hack macOS devices: Problem solved internally

MS Office exploits would have lead to your macOS getting hacked by hackers easily. Security Researcher, Patrick Wardle found out the problem. Read more.

Reported by: Yash Tripathi
ms office
| Image:self
Advertisement

Not so long ago, Patrick Wardle, who is a macOS security researcher and former NSA hacker, discovered a new vulnerability in Mac devices. As per the macOS security researcher, this vulnerability would have allowed a hacker to take control of a Mac device just by using a simple MS Office file. However, now this problem has been fixed by the American company.

Mac device vulnerability fixed

Wardle revealed in his blog post that any hacker could hack a Mac device using a simple Microsoft Office file feature known as the 'macro'. This tool actually gives the hacker complete control over the devices in a very less amount of time. This is not the first time that hacks have exploited MS Office features on Windows devices, but it is surely the very first instance of a researcher demonstrating a macro-enabled exploit working on macOS as well. Microsoft Office apps allow users to automate tasks with custom commands using the ‘macro' feature, however, the exploit has now been patched.

Also Read | Google Pixel Smartwatch pictures, release date and more; know details

The macOS security researcher explained all about this issue in a blog post. He mentioned in his blog that several breaches and bugs were present in MS Office which would have aided hackers to inject the malicious code on macOS devices. He also mentioned that he created a file in the age-old ‘SLK' format to sidestep the macOS security system. 

Also Read | How to stream PUBG Mobile on YouTube? Here is an easy method for you

The researcher also created a file whose name started with the ‘$' character. This particular file with the malicious code was able to break the MS Office sandbox and enable the researcher to access the macOS device. A video was also published by Wardle to show off how the malicious code was used to open the Calculator app through Microsoft Excel. The searcher says that this exploit could be used to access other things as well. 

Also Read | How to remove a college on the Common app? Learn step-by-step procedure

According to the blog post by Patrick Wardle, the exploit can only work when the 'macro' feature of Microsoft Office is enabled by a user. Apple did not respond to this issue, however, a Microsoft spokesperson told a leading publication that the company has investigated and determined that any application, even when sandboxed, is vulnerable to misuse of these APIs. The spokesperson also said that the two companies are in regular discussion to resolve this issue. Nevertheless, the flaw has been fixed by Apple and Microsoft in macOS 10.15.3 and the latest version of Microsoft Office on Mac, respectively.

Also Read | How to unmute on Instagram? Learn to unmute stories, people & messages

Advertisement

Published August 13th, 2020 at 11:00 IST

Your Voice. Now Direct.

Send us your views, we’ll publish them. This section is moderated.

Advertisement
Advertisement

Trending Quicks

Advertisement
Advertisement
Advertisement
Whatsapp logo