Technology
Microsoft apps on macOS could be your biggest privacy threat
Microsoft apps like Word, Excel, Outlook and Teams are so popular (and useful) that they’re nearly unavoidable, whether you’re on a Windows computer or a Mac. However, these apps can become a hacker’s paradise on Apple Macs due to an unpatched vulnerability.
A cybersecurity research group has revealed that Microsoft apps on Macs have a security flaw that could allow hackers to access your photos, videos, contacts and almost all of your private data.
The worst part? Microsoft doesn’t consider it a big enough threat to fix.
GET SECURITY ALERTS, EXPERT TIPS — SIGN UP FOR KURT’S NEWSLETTER — THE CYBERGUY REPORT HERE
Microsoft ad. (Microsoft)
Vulnerabilities in Microsoft apps expose users to unauthorized data access
The cybersecurity research group Cisco Talos has discovered security vulnerabilities in Excel, OneNote, Outlook, PowerPoint, Teams and Word. These vulnerabilities allow attackers to inject malicious libraries into these apps, giving them access to the apps’ permissions and user-granted entitlements.
To understand why that’s dangerous, let’s first look at macOS’s framework. Mac devices operate on a permission-based system and rely on the Transparency, Consent and Control (TCC) framework. You’ve probably noticed that every time you download a new app, you’re asked to grant permission for it to run. Similarly, when an app wants to access sensitive information like contacts, photos or webcams, you’re prompted to allow or block access.
This system ensures that you know and trust the apps that have access to your private information. However, Apple doesn’t allow just any app to request access to sensitive data — only those with the proper entitlements, meaning apps that Apple has authorized to make such requests. Apps without these entitlements won’t prompt you for permission to access sensitive data.
The Microsoft apps mentioned above have these entitlements, and the security flaw within them allows hackers to bypass permission requests and access your sensitive information.
“We identified eight vulnerabilities in various Microsoft applications for macOS, through which an attacker could bypass the operating system’s permission model by using existing app permissions without prompting the user for any additional verification,” the researchers explain.
For example, a hacker could design malicious software to read your emails or view your browsing history without you even knowing. “All apps, except for Excel, can access sensitive data like your emails and web activity,” the group adds.
Macs on a desk. (Kurt “CyberGuy” Knutsson)
4.3 MILLION AMERICANS EXPOSED IN MASSIVE HEALTH SAVINGS ACCOUNT DATA BREACH
Is Microsoft working on a fix?
Microsoft considers the security flaws “low risk” and has declined to fix them in some apps. “Microsoft considers these issues low risk, and some of their applications, they claim, need to allow loading of unsigned libraries to support plugins and have declined to fix the issues,” the Cisco Talos research group said.
Microsoft updated the Teams and OneNote apps on macOS to change how they handle the library validation entitlement. However, Excel, PowerPoint, Word and Outlook remain vulnerable to the exploit.
Cisco Talos hasn’t provided a working example of how this vulnerability could be exploited in real-world attacks. They also haven’t confirmed whether hackers have used the flaw to access users’ sensitive information yet.
A woman working on her Mac laptop. (Kurt “CyberGuy” Knutsson)
A NEW RUSSIAN THREAT TARGETS OVER 100 APPLE MACOS BROWSER EXTENSIONS
Microsoft and Apple’s response
We reached out to Microsoft, and a company spokesperson offered this statement:
“The disclosed cases do not pose a significant security risk as the technique described requires the attacker to already have a certain level of access to the system. However, we have implemented several updates for added protection, as detailed in the report. As a best practice, customers should keep their software updated and regularly review application permissions.”
We also contacted Apple but did not hear back by our deadline.
What can you do to protect your data?
There’s not much you can do to protect yourself in this situation unless Microsoft patches the vulnerability. Still, below are some steps you can take to minimize the risk.
1. Keep your apps updated: Regularly check for updates to your Microsoft apps through the Mac App Store or the Microsoft AutoUpdate tool. Even though not all vulnerabilities may be addressed, updates often include important security patches that reduce your risk of exploitation.
2. Limit permissions: Go to your macOS settings and review the permissions granted to Microsoft apps. Disable access to sensitive data like your camera, microphone, contacts, and calendar unless absolutely necessary. For example, if you rarely use the camera in Teams, you can revoke its access. Here’s how to do it:
- Click on the Apple menu in the top-left corner of your screen and select “System Settings.”
- In the System Settings window, scroll down and select “Privacy & Security” from the sidebar.
- Within the Privacy & Security section, you’ll find various categories such as Camera, Microphone, Contacts and Calendars. Click on each category to see which apps have access.
- For each category, find Microsoft apps (e.g., Microsoft Teams, Outlook) and uncheck them to revoke access if unnecessary. For example, if you rarely use the camera in Teams, you can uncheck it in the Camera section.
- Close the System Settings window to save your changes. The apps will no longer have access to the specified data unless you grant it again in the future.
For earlier macOS versions, the steps to limit permissions for Microsoft apps are slightly different. Here’s how you can do it:
- Click on the Apple menu in the top-left corner of your screen and select “System Preferences.”
- In the System Preferences window, click on “Security & Privacy.”
- In the Security & Privacy window, go to the “Privacy” tab.
- On the left sidebar, you’ll see various categories such as Camera, Microphone, Contacts and Calendars.
- Click on each category to see which apps have access.
- To make changes, you may need to click the lock icon in the bottom-left corner and enter your administrator password.
- Find the Microsoft apps (e.g., Microsoft Teams, Outlook) and uncheck them to revoke access if unnecessary.
- Close the Security & Privacy window to save your changes. The apps will no longer have access to the specified data unless you grant it again in the future.
These steps help ensure that Microsoft apps on your macOS have limited access to sensitive data, enhancing your privacy and security.
3. Consider alternatives: If you’re concerned about security, consider using alternative office software that is less susceptible to these vulnerabilities. Apple’s suite of productivity apps, including Pages, Numbers and Keynote, are designed specifically for macOS and offer robust security features. These apps can serve as viable replacements for Word, Excel and PowerPoint, respectively.
Additionally, Google Workspace offers cloud-based tools like Google Docs, Sheets and Slides, which are accessible from any device and provide strong security measures. By switching to these alternatives, you can reduce the risk of unauthorized data access and maintain better control over your personal information.
4. Use strong antivirus software: The best way to safeguard yourself from malicious links that install malware and potentially access your private information on your Mac is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2024 antivirus protection winners for your Windows, Mac, Android and iOS devices.
MASSIVE SECURITY FLAW PUTS MOST POPULAR BROWSERS AT RISK ON MAC
Kurt’s key takeaway
While Microsoft apps like Word, Excel, Outlook and Teams are indispensable tools for many, their vulnerabilities on macOS pose significant security risks. The discovery highlights how these apps can be exploited to access sensitive data without your consent. Despite the seriousness of these findings, Microsoft’s decision not to address all vulnerabilities leaves you in a precarious position. It’s crucial for you to stay vigilant by keeping your apps updated, limiting permissions and considering alternative software solutions to safeguard your data. As technology evolves, so do the threats, making it essential for you to prioritize security.
How should Microsoft take responsibility for ensuring your security and privacy in light of identified vulnerabilities in its applications? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you’d like us to cover.
Follow Kurt on his social channels:
Answers to the most-asked CyberGuy questions:
New from Kurt:
Copyright 2024 CyberGuy.com. All rights reserved.
Updates to [@]Grok Account
We have implemented technological measures to prevent the Grok account from allowing the editing of images of real people in revealing clothing such as bikinis. This restriction applies to all users, including paid subscribers.
Additionally, image creation and the ability to edit images via the Grok account on the X platform are now only available to paid subscribers. This adds an extra layer of protection by helping to ensure that individuals who attempt to abuse the Grok account to violate the law or our policies can be held accountable.
Geoblock update
We now geoblock the ability of all users to generate images of real people in bikinis, underwear, and similar attire via the Grok account and in Grok in X in those jurisdictions where it’s illegal.
NEWYou can now listen to Fox News articles!
Mac users often assume they’re safer than everyone else, especially when they stick to official app stores and trusted tools.
That sense of security is exactly what attackers like to exploit. Security researchers have now uncovered a fresh wave of malicious Mac extensions that don’t just spy on you, but can also steal cryptocurrency wallet data, passwords and even Keychain credentials. What makes this campaign especially concerning is where the malware was found, inside legitimate extension marketplaces that many people trust by default.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Once active, GlassWorm targets passwords, crypto wallets, and even your macOS Keychain without obvious warning signs. (Cyberguy.com)
How malicious Mac extensions slipped into trusted stores
Security researchers at Koi Security uncovered a new wave of the GlassWorm malware hiding inside extensions for code editors like Visual Studio Code (via Bleeping Computer). If you’re not familiar with code editors, they’re tools developers use to write and edit code, similar to how you might use Google Docs or Microsoft Word to edit text. These malicious extensions appeared on both the Microsoft Visual Studio Marketplace and OpenVSX, platforms widely used by developers and power users.
FAKE AI CHAT RESULTS ARE SPREADING DANGEROUS MAC MALWARE
At first glance, the extensions looked harmless. They promised popular features like code formatting, themes or productivity tools. Once installed, though, they quietly ran malicious code in the background. Earlier versions of GlassWorm relied on hidden text tricks to stay invisible. The latest wave goes further by encrypting its malicious code and delaying execution, making it harder for automated security checks to catch.
Even though this campaign is described as targeting developers, you don’t need to write code to be at risk. If you use a Mac, install extensions or store passwords or cryptocurrency on your system, this threat still applies to you.
What GlassWorm does once it’s on your Mac
Once active, GlassWorm goes after some of the most sensitive data on your device. It attempts to steal login credentials tied to platforms like GitHub and npm, but it doesn’t stop there. The malware also targets browser-based cryptocurrency wallets and now tries to access your macOS Keychain, where many saved passwords are stored.
Researchers also found that GlassWorm checks whether hardware wallet apps like Ledger Live or Trezor Suite are installed. If they are, the malware attempts to replace them with a compromised version designed to steal crypto. That part of the attack isn’t fully working yet, but the functionality is already in place.
To maintain access, the malware sets itself up to run automatically after a reboot. It can also allow remote access to your system and route internet traffic through your Mac without you realizing it, turning your device into a quiet relay for someone else.
Some of the malicious extensions showed tens of thousands of downloads. Those numbers can be manipulated, but they still create a false sense of trust that makes people more likely to install them.
7 steps you can take to stay safe from malicious Mac extensions
Malicious extensions don’t look dangerous. That’s what makes them effective. These steps can help you reduce the risk, even when threats slip into trusted marketplaces.
1) Only install extensions you actually need
Every extension you install increases risk. If you’re not actively using one, remove it. Be especially cautious of extensions that promise big productivity gains, premium features for free or imitate popular tools with slightly altered names.
2) Verify the publisher before installing anything
Check who made the extension. Established developers usually have a clear website, documentation and update history. New publishers, vague descriptions or cloned names should raise red flags.
These malicious extensions looked like helpful tools but quietly ran hidden code once installed. (Cyberguy.com)
3) Use a password manager
A password manager keeps your logins encrypted and stored safely outside your browser or editor. It also ensures every account has a unique password, so if one set of credentials is stolen, attackers can’t reuse it elsewhere.
Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.
HOW HACKERS ARE BREAKING INTO APPLE DEVICES THROUGH AIRPLAY
4) Run strong antivirus software on your Mac
Modern macOS malware doesn’t always drop obvious files. Antivirus tools today focus on behavior, looking for suspicious background activity, encrypted payloads and persistence mechanisms used by malicious extensions. This adds a critical safety net when something slips through official marketplaces.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
5) Consider a personal data removal service
When your data leaks, it often spreads across data broker sites and breaches databases. Personal data removal services help reduce how much of your information is publicly available, making it harder for attackers to target you with follow-up scams or account takeovers.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.
6) Turn on two-factor authentication (2FA)
Enable 2FA wherever possible, especially for email, cloud services, developer platforms and crypto-related accounts. Even if a password is stolen, 2FA can stop attackers from logging in.
7) Keep macOS and your apps fully updated
Security updates close gaps that malware relies on. Turn on automatic updates so you’re protected even if you miss the headlines or forget to check manually.
Mac users often trust official app stores, but that trust is exactly what attackers are counting on. (Kurt “CyberGuy” Knutsson)
Kurt’s key takeaway
GlassWorm shows that malware doesn’t always come from shady downloads or obvious scams. Sometimes it hides inside tools you already trust. Even official extension stores can host malicious software long enough to cause real harm. If you use a Mac and rely on extensions, a quick review of what’s installed could save you from losing passwords, crypto or access to important accounts.
When was the last time you checked the extensions running on your Mac? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Copyright 2026 CyberGuy.com. All rights reserved.
BMW teased its forthcoming all-electric M-series performance sedan today, promising that the quad-motor M3 sports car would feature specs that are truly next level when it arrives in 2027.
The M3 will have four electric motors and simulated gear shifting, a feature that is quickly becoming a must-have for electrified sports cars. BMW says the setup unlocks the benefits of both rear and all-wheel drive, with the ability to decouple the front axle.
The electric M3 will also be built on BMW’s Neue Klasse platform that promises more efficient batteries, lightning fast charging, and higher powered computers. The architecture will be 800-volt, the regenerative braking will be highly efficient, and if the camouflaged pictures are any indication, it will be a real looker on the streets.
Speaking of computers, the M3 will have four of them, unified under its oddly named “Heart of Joy” component that aggregates all the traction, stability, and electric motor management functions of the vehicle. That means when software updates are made available, the vehicle’s brain will be able to receive them over-the-air faster than BMW’s current processors.
The M3’s simulated gear shifting will feature a “newly developed soundscape” that “channels pure emotion.” Like other automakers, BMW is loath to alienate its loyal M-series customers by giving them all the torque but none of the gearing feedback. And now a fake “soundscape” will accompany all that shifting. Porsche, Hyundai, and Dodge are also on board the fake EV gear shifting bandwagon.
Photos capture new protests after second ICE shooting in Minneapolis
City-County Councilor Vop Osili announces 2027 Indianapolis mayoral bid
Pittsburgh permitting problems | How one daycare had to struggle to reopen its playground
Drive-thru flu-shot clinic taking place today in Augusta
House Passes Bill To Keep Blocking Washington, D.C. From Legalizing Marijuana Sales – Marijuana Moment
Florida High School Football Rankings: Top 25 teams – Oct. 21
Cleary's 21 help Le Moyne down Central Connecticut State 69-64 in OT
How old is Bo Nix? What to know about Oregon quarterback ahead of 2024 NFL Draft
99th annual Pony Swim held in Virginia
Video: ‘It Didn’t Have to Happen This Way:’ U.Va. Faculty Call for Review of Police Response to Protests
Hochul endorses legislation to allow New Yorkers to sue ICE agents: ‘Power does not justify abuse’
Iran reopens airspace after closure to most flights amid US attack threats
Trump says he’s been assured Tehran has stopped killing protesters as Iran reopens its airspace – live
Republicans light cigars, cigarettes on burning photos of Khamenei to show support for Iranian protesters
EU Parliament questions defence loan’s ‘€17 billion gift’ to Hungary
-
Montana5 days agoService door of Crans-Montana bar where 40 died in fire was locked from inside, owner says
-
Technology1 week agoPower bank feature creep is out of control
-
Delaware6 days agoMERR responds to dead humpback whale washed up near Bethany Beach
-
Dallas, TX7 days agoAnti-ICE protest outside Dallas City Hall follows deadly shooting in Minneapolis
-
Education1 week agoVideo: This Organizer Reclaims Counter Space
-
Virginia5 days agoVirginia Tech gains commitment from ACC transfer QB
-
Iowa1 week agoPat McAfee praises Audi Crooks, plays hype song for Iowa State star
-
Montana5 days ago‘It was apocalyptic’, woman tells Crans-Montana memorial service, as bar owner detained