Skip to main content
  1. Home
  2. Computing
  3. News

MacOS suffers its first-ever Word macro attack

By

1129714 autosave v1 hackers22
Shutterstock
Debate continues over whether Apple’s MacOS is inherently more safe from malware than Windows or if Macs simply aren’t targeted as often because of their smaller share of the PC market. Regardless, the fact is that MacOS isn’t immune, and new vulnerabilities arise on occasion that Mac users should keep in mind.

One category of malware that has certainly affected Windows and not MacOS is the infamous Microsoft Word macro virus. That could be changing, as MacOS has now suffered its very first Word macro attack, as Ars Technica reports.

Recommended Videos

While Word macros can significantly enhance the application’s value, they’ve fallen out of favor over the years because of their tendency to be abused by malicious parties. Now, people who have used Word over the years probably think twice about clicking on the “enable macros” button that pops up when they open a document with embedded macros. MacOS users now also have good reason to hit the “disable macros” button instead unless they know for sure it’s from a safe source — or to discard the document entirely.

Related

The malware in question comes via a Word document, “U.S. Allies and Rivals Digest Trump’s Victory — Carnegie Endowment for International Peace,” that when opened runs embedded Python code that comes from the EmPyre open-source exploit framework. The code is capable of accessing webcams, grabbing passwords and encryption keys, and snooping into browser histories — and the infection it creates is persistent. Before running, it checks to make sure that the Littlesnitch security firewall isn’t active.

As usual, the Word macro malware relies on the user clicking through the warning. Patrick Wardle, Director of Research at Synack, a security company, said in an analysis of the Word document, “By using macros in Word documents, they are exploiting the weakest link; humans! And moreover since macros are ‘legitimate’ functionality (vs. say a memory corruption vulnerability) the malware’s infection vector doesn’t have to worry about crashing the system nor being ‘patched’ out.”

Another piece of malware that researchers also describe as unsophisticated and “poorly written” was recently discovered separately from the Word macro. Other attacks have been identified in the past few years, demonstrating that malicious parties are starting to pay more attention to MacOS — enough so that Mac users should seriously consider installing some antivirus and antimalware software. It’s simply no longer true that it’s only Windows users who are vulnerable to attack.

Editors’ Recommendations

Topics
Mark Coppock
Mark Coppock
Computing Writer
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
I finally tried Apple Intelligence in macOS Sequoia to see if it lived up to the hype
The redeisgned Siri user interface in macOS Sequoia.

For the last few years, Apple’s macOS releases have been interesting, if not particularly exciting. But that’s all set to change this year with the launch of macOS Sequoia, and it’s all thanks to one feature: Apple Intelligence.

Apple’s artificial intelligence (AI) platform has the potential to completely change how you use your Mac on a daily basis. From generating images, rewriting emails, and summarizing your audio recordings to revamping Siri into a much more capable virtual assistant, Apple Intelligence could be the most significant new macOS feature in years.

Read more
You can finally try out Apple Intelligence on your Mac. Here’s how
macOS Sequoia being introduced by Apple's Craig Federighi at the Worldwide Developers Conference (WWDC) 2024.

The second developer beta of macOS Sequoia is open for business and it includes Apple Intelligence features. It looks like anyone can try it out as long as you're not in China. That includes people in the EU -- even though the AI features might not launch there right away. The features available for testing include Writing Tools, Siri, Safari and Mail summaries, Smart Replies, Memory Movies, transcription features, Reduce Interruptions Focus Mode, and a few more. If you want to have a look yourself, here's everything you need to do to download the beta and activate Apple Intelligence.

Before you start, make sure you've backed up your Mac with Time Machine so you can restore the previous version if anything goes wrong. You can also use a secondary device if you have another Apple silicon Mac lying around because beta versions can go wrong and you have to download them at your own risk.

Read more
I’m a Mac power user, and these are the apps I can’t live without
A person using a MacBook Air connected to two monitors.

The best Macs have a reputation for being easy to use, and as someone who switches between Windows and macOS every day, I can confirm that that reputation is well-earned. But macOS isn’t just a straightforward, easy-peasy system with about as much depth as a puddle -- it’s also a brilliant platform for power users.

A lot of that comes down to the thriving ecosystem of apps that are available on macOS. Load up your Apple computer with a few choice selections and you’ll be able to get so much more out of it than you ever thought possible, from automating tedious processes to making clever use of AI and everything in between.

Read more