Microsoft apps on Apple macOS susceptible to code injection attacks, find researchers

Popular Microsoft apps designed specifically for Apple’s macOS operating system were found to be susceptible to code injection attacks, according to research published by Cisco Talos. Researchers found eight vulnerabilities in apps including Excel, OneNote, Outlook, PowerPoint, Teams and Word, that could be exploited by threat actors to take advantage of Apple’s permission settings. Usually, operating systems follow a step-by-step process to ensure users have granted permission to third-party apps to access sensitive resources. Apple’s macOS also requires users to grant consent through pop-ups and includes provisions to stop code injection.