Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Microsoft: Mac Malware Targeting Flaw Patched Three Years Ago

Microsoft researchers have discovered new malware targeting Mac OS, but unlike Flashback, this one is targeting a flaw in Office for Mac that was patched years ago.

Microsoft researchers have discovered new malware targeting Mac OS, but unlike Flashback, this one is targeting a flaw in Office for Mac that was patched years ago.

In 2009, Microsoft patched a flaw in Office for Mac that would have allowed an attacker the ability to execute code remotely. Yet, three years later, the flaw itself remains unpatched on several systems. With that said, the bad news is that attackers have created malware to target the vulnerability in the Mac OS X version of Office. The good news is that the malware itself isn’t widespread.

The flaw is present in Office 2004 and Office 2008 for Mac. However, after examining the malware further, it appears that the attack fails in Lion. Thus, Microsoft concluded, the attack is targeting users on Snow Leopard or earlier versions of OS X, and the code’s developer was familiar target environment beforehand.

The malware itself is rather generic, but once it is installed, the attacker’s command and control server will gain complete control over the system.

“We can see that Mac OSX is not safe from malware,” Microsoft wrote.

“Statistically speaking, as this operating system gains in consumer usage, attacks on the platform will increase. Exploiting Mac OSX is not much different from other operating systems. Even though Mac OSX has introduced many mitigation technologies to reduce risk, your protection against security vulnerabilities has a direct correllation with updating installed applications.”

More information is on the MMPC Blog.

Written By

Click to comment

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Malware & Threats

Cybercrime in 2017 was a tumultuous year "full of twists and turns", with new (but old) infection methods, a major return to social engineering,...

Malware & Threats

Norway‎-based DNV said a ransomware attack on its ship management software impacted 1,000 vessels.

Cybercrime

Security researchers with Juniper Networks’ Threat Labs warn of a new Python-based backdoor targeting VMware ESXi virtualization servers.