Zoom it for mac3/9/2023 ![]() pkg, thus preventing malicious subversion. On Twitter, Wardle praised (Opens in a new window) Zoom for its "incredibly quick fix." In evaluating the patch, Wardle says the "Zoom installer now invokes lchown to update the permissions to the update. But when I looked closer, the quality of the code was more suspect, and it appeared that no one was auditing it deeply enough." "And when I took a look, it seemed on first pass that they were doing things securely-they had the right ideas. "I was curious about exactly how they were setting this up," Wardle told Wired (Opens in a new window) before his DefCon talk. Once inside the system, a hacker can modify, delete, or add files to the device. Wardle, however, found that an auto-update function running continuously in the background could be tricked into embedding malware by using Zoom's cryptographic signature. The exploit targets the Zoom installer, which requires a user password when first added, The Verge notes (Opens in a new window). The weakness, revealed by Mac security specialist Patrick Wardle at last week's DefCon, was patched in Zoom version 5.11.5, which is available now. 13 security bulletin (Opens in a new window), Zoom versions 5.7.3 to 5.11.5 contain an auto-update vulnerability that could be exploited by a local low-privileged user to gain unrestricted access to Apple's operating system. Zoom has fixed a bug that could've allowed unrestricted access to macOS systems.Īccording to an Aug. Any version of Zoom Cloud Meetings distributed on Uptodown is completely virus-free and free to download at no cost. Download rollbacks of Zoom Cloud Meetings for Mac.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |