Outlook: Support for AppleScript in the New Outlook for Mac

🚨 The Signal: New Outlook for Mac will support AppleScript, enabling automation. Unless it is properly managed, this creates potential for malicious script execution and increases the risk of data exfiltration or system compromise via client-side automation.

The Impact

Mac users are affected: the security risk is malicious script execution leading to data compromise.

  • Mac users: Increased risk from malicious AppleScripts in emails or attachments.
  • Security teams: New attack surface to monitor for script-based threats.
  • IT administrators: Need to review and update macOS security policies for script execution.

The Action

  1. Review existing macOS endpoint security policies regarding script execution and automation.
  2. Implement or strengthen endpoint detection and response (EDR) rules to monitor AppleScript activity related to Outlook.
  3. Educate Mac users on the risks of running untrusted scripts and opening suspicious attachments.
  4. Consider deploying Microsoft Intune custom configuration profiles to restrict AppleScript execution where not explicitly required.
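
As a starting point for step 2, here is a sketch of detection logic for AppleScript activity aimed at Outlook. It is an added example, not Microsoft's or any EDR vendor's rule. The JSON event fields (pid, parent, path, args), the verdict names and the sample events are constructed assumptions; osascript and osacompile are the standard macOS command-line AppleScript tools.

```python
import json
import os

# Constructed process-execution events (JSON lines). Field names are
# assumptions for this example, not any EDR product's schema.
SAMPLE_EVENTS = """\
{"pid": 4101, "parent": "/bin/zsh", "path": "/usr/bin/osascript", "args": ["osascript", "-e", "tell application \\"Microsoft Outlook\\" to get subject of every message of inbox"]}
{"pid": 4102, "parent": "/bin/zsh", "path": "/usr/bin/osascript", "args": ["osascript", "-e", "tell application \\"Finder\\" to activate"]}
{"pid": 4103, "parent": "/usr/sbin/cron", "path": "/usr/bin/osascript", "args": ["osascript", "/Users/Shared/sync.scpt"]}
{"pid": 4104, "parent": "/sbin/launchd", "path": "/usr/bin/python3", "args": ["python3", "report.py"]}
not-json garbage line
"""

SCRIPT_RUNNERS = {"osascript", "osacompile"}  # macOS AppleScript CLI tools
TARGET = "microsoft outlook"

def classify(event):
    """Return a verdict string, or None when the event is out of scope."""
    if os.path.basename(event.get("path", "")) not in SCRIPT_RUNNERS:
        return None
    args = event.get("args", [])
    # Script text passed inline follows each -e flag.
    inline = [args[i + 1] for i in range(len(args) - 1) if args[i] == "-e"]
    if any(TARGET in text.lower() for text in inline):
        return "outlook-inline"      # script text names Outlook directly
    if inline:
        return None                  # inline script aimed at another app
    return "opaque-script"           # file or stdin: content not visible here

def scan(log_text):
    """Return ([(pid, verdict), ...], malformed_line_count)."""
    findings, malformed = [], 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            event = json.loads(line)
        except ValueError:
            malformed += 1           # count, do not silently drop
            continue
        if not isinstance(event, dict):
            malformed += 1
            continue
        verdict = classify(event)
        if verdict:
            findings.append((event.get("pid"), verdict))
    return findings, malformed

if __name__ == "__main__":
    print(scan(SAMPLE_EVENTS))
```

Command-line matching only sees script text passed inline; the "opaque-script" verdict marks runs from a file or stdin, where the script content has to be reviewed separately before deciding whether Outlook is involved.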

Domain: M365-Apps · Impact: medium · Workload: M365 Apps · Essential Eight: User Application Hardening · ISM: ISM-1412, ISM-1485, ISM-1486, ISM-1542, ISM-1585, ISM-1667, ISM-1668, ISM-1669, ISM-1670, ISM-1823, ISM-1824, ISM-1859, ISM-1860