Zoom update mac5/10/2023 If successfully exploited, this security flaw can allow an attacker to take over the Zoom installer’s root access to the victim device, giving them full control over it. The third vulnerability Wardle discovered lies within the Zoom installer itself and has not been fixed as of writing. “As always, we recommend users keep up to date with the latest version of Zoom … Zoom also offers automatic updates to help users stay on the latest version.” “We have already resolved these security issues,” a Zoom spokesperson told WIRED. One of the now-fixed vulnerabilities had to do with the auto-updater’s cryptographic signature check, while the other could be used to trick Zoom into installing an older, more vulnerable version of the app that could be exploited to gain full control of the victim’s Mac. Zoom has already fixed two of these vulnerabilities. Wardle presented these weaknesses at the DEF CON cybersecurity conference in Las Vegas on Friday. Once auto-update is set up, Zoom automatically downloads and installs the latest software patches when it launches. On Mac, users need to enter their system password while enabling the feature. Zoom rolled out its auto-update feature on both Mac and Windows in November of last year. Security researcher Patrick Wardle recently discovered three security vulnerabilities in the popular video conferencing app Zoom’s auto-update feature that put Mac users at risk of remote attacks (via WIRED).
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |