Hackers could use your Mac to exploit Microsoft Word security flaws

Microsoft has shed light on a flaw in macOS that, if exploited, could allow threat actors to run arbitrary code, remotely. The flaw, tracked as CVE-2022-26706, enables the circumvention of macOS App Sandbox rules, enabling macros in Word documents to run.

For years now, macros have been used by numerous threat actors, to trick people into downloading malware (opens in new tab), or ransomware, on their endpoints. It has gotten to a point when Microsoft decided to disable macros on all files outside the trusted network and to make it quite difficult for the average Word user to enable them.

Source link

Leave a Comment