As Microsoft explains, the App Sandbox is Apple's access control technology in macOS that application developers must adopt to distribute their apps through the Mac App Store. That includes Microsoft, which distributes Office apps like Word and Excel in the store.
App Sandbox is an access control technology provided in macOS, enforced at the kernel level according to Apple. It aims to contain damage to the system and the user's data if an app becomes compromised by limiting access to sensitive resources on a per-app basis.
Apple says App Sandbox is "not a silver bullet" but does act as a "last line of defense" against theft, corruption, or deletion of user data, and frustrates attempts to hijack system hardware if an attacker exploits a bug in an app.
Microsoft's probe of macOS Launch Services as a means of escaping the sandbox built on previous research by others in 2021, 2020 and 2018 that detailed similar vulnerabilities. Last year, researchers at Perception Point found a similar sandbox escape via Launch Services (CVE-2021-30864). Apple patched it in September and disclosed it in January.
Microsoft said it found the vulnerability while researching potential ways to run and detect malicious macros in Microsoft Office on macOS: "Our findings revealed that it was possible to escape the sandbox by leveraging macOS's Launch Services to run an open --stdin command on a specially crafted Python file with the said prefix. Our research shows that even the built-in, baseline security features in macOS could still be bypassed, potentially compromising system and user data."