Security researcher finds three consecutive flaws in Zoom that could let hackers take control of your Mac

Getty Images/Cavan Images RF

Auto-updates keep users from worrying, and apps automatically get the latest, most effective protections and features, but video conferencing tool Zoom has been found to have a vulnerability that might allow hackers to take control of your Mac.according to Wired Quoting two vulnerability studies published by Mac researcher Patrick Wardle at this year’s DefCon World Hacking Competition, Zoom’s signature check function failed to block hacker scams, which can command automatic update downloaders to download older and existing files. Vulnerable version. And it’s much simpler to just rename the file in question to a specific name, bypass the signature check and install it, allowing a hacker to gain root access and take control of the target’s Mac.

Interestingly The Verge Reports indicate that Wardle reported the vulnerability to Zoom as early as 2021, and the official update was released to fix it, but this brought another bug. The second vulnerability is that a hacker can circumvent Zoom’s tool that checks to see if the latest version is downloaded, and also allows it to install the problematic version.

Well, following Zoom has fixed the bug once more and once more, Wardle has found another problem, and this is the latest one published at the conference. He found that there was a time lag between the software package inspection step of the automatic update tool and the actual installation. At the same time, the update package still retains the original read and write authorization, so that anyone can modify it, and hackers do not need to obtain root permissions. You can take the opportunity to “add material” and add the problematic code to the update package.

In response to The Verge’s query, Zoom said they had worked hard to fix the vulnerability. Wired also pointed out that existing vulnerabilities require existing authorization to be able to attack, so the risk is relatively low. In any case, the automatic update function is still recommended, so don’t be frightened by this serial package.

Leave a Replay