macOS vulnerability exploitable through Office fixed in its latest version for macOS 10.15.3


Last Wednesday, Patrick Wardle disclosed and demonstrated a vulnerability in macOS that could be reached through Office. Specifically, the exploit works through the macros of the text editing program. A macro is a series of commands and instructions grouped together as a single command to complete a task automatically. Fortunately, the problem has already been patched with the latest version of Office for macOS 10.15.3.

Patrick Wardle, a security engineer at Jamf and ex-NSA hacker who specializes in finding vulnerabilities in macOS, showed last Wednesday at the "Black Hat" conference and on his blog how sensitive Mac data could be accessed through macros executed in Office. Although the exploit is quite difficult to carry out, it can be done, which shows once again that nothing is impregnable.

Office macros have been used on many occasions to exploit vulnerabilities in Windows computers. They can also be developed for Macs. By creating a file in the old .slk format, Wardle was able to make Office run macros without alerting the user. He then added a "$" character to the beginning of the file name, which allowed him to escape the macOS sandbox. Finally, Wardle compressed the file in .zip format. He did it this way because macOS does not check these types of files against the certification requirements.

For users' peace of mind, it must be emphasized that this is a rather difficult exploit to execute and that you still need to authenticate some of the actions at login.

Naturally, Patrick Wardle reported this security flaw to both Microsoft and Apple. However, according to him, Apple did not respond.
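For defenders who screen inbound files, the three traits named above (the .slk format, a "$"-prefixed file name and .zip packaging) can be checked before a file reaches Office. The following is an added example, not code from Wardle, Microsoft or Apple; the function names, size and depth limits and the sample archive are assumptions made for illustration.

```python
import io
import zipfile
from pathlib import PurePosixPath

MAX_DEPTH = 2                  # assumption: bound on nested-archive recursion
MAX_MEMBER = 10 * 1024 * 1024  # assumption: skip members larger than 10 MiB


def classify(name, data):
    """Return which of the article's traits a single file shows."""
    base = PurePosixPath(name).name
    reasons = []
    if base.lower().endswith(".slk"):
        reasons.append("slk-extension")
    if data.startswith(b"ID;"):  # SYLK files open with an ID record
        reasons.append("sylk-content")
    if base.startswith("$"):     # file-name trait described in the article
        reasons.append("dollar-prefixed-name")
    return reasons


def triage(name, data, prefix="", depth=0):
    """Classify a file and, if it is a zip, its members as well."""
    label = prefix + name
    findings = {}
    reasons = classify(name, data)
    if reasons:
        findings[label] = reasons
    if depth < MAX_DEPTH and zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.is_dir() or info.file_size > MAX_MEMBER:
                    continue
                findings.update(triage(info.filename, zf.read(info), label + "!", depth + 1))
    return findings


def build_sample_zip():
    """Constructed sample archive: inert SYLK cell data, no macro content."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("$report.slk", 'ID;P\nC;X1;Y1;K"hello"\nE\n')
        zf.writestr("notes.txt", "nothing to see")
        zf.writestr("renamed.csv", "ID;P\nE\n")
    return buf.getvalue()


if __name__ == "__main__":
    for path, why in triage("invoice.zip", build_sample_zip()).items():
        print(path, why)
```

The content check catches SYLK data that has been renamed to another extension, which an extension filter alone would miss.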

