A combination of bugs in Office for Mac and macOS enabled macro viruses on the Mac. The bugs are now fixed but concerning nonetheless.
Security researcher Patrick Wardle (former NSA hacker and now head of security at Jamf) has an impressive track record for finding flaws security flaws on the Mac platform. His latest report was shared at this year’s Black Hat conference (held virtually). He has also published a blog post where he goes in depth into how the attack works.
The attack uses a series of bugs that together make it possible to completely take over a Mac simply by tricking the user into opening a Word or Excel document. No dialogs open, no password is required, and a backdoor is created directly to the hacker’s IP address that allows you to control and install new malware without sandbox restrictions.
All bugs were reported to Apple and Microsoft. Microsoft blocked the bug in Office, but pointed out that other faults were with Apple. Apple thanked Wardle for the report, but said nothing more.
Patrick Wardle discovered that the bugs were fixed in macOS 10.15.3, and Apple updated the list of security fixes with a thank you when he pointed it out – several months after the launch of the system update.
This goes to show that as secure as the Mac is there can still be reason for caution. We highlight some important security settings for your Mac here. We also have a list of Mac viruses that complements our article about whether Macs can get viruses.
This article originally appeared on Macworld Sweden. Translation by Karen Haslam.
