The most critical Apple macOS flaw, which might have allowed hackers to take over users’ operating systems when they opened the meeting app, has been resolved by online video collaboration platform Zoom. The Zoom client for meetings for macOS, starting with version 5.7.3 and prior to 5.11.5, “contains a vulnerability in the auto update process,” the company stated in a security update.
According to the company, “a local low-privileged user might exploit this vulnerability to escalate their privileges to root.”
Version 5.11.5 of Zoom for Mac, which users can now download, fixes the problem (CVE-2022-28756). Previously, a security analyst discovered a method by which an attacker might use Zoom on macOS to take control of the entire operating system.
According to The Verge, Mac security expert Patrick Wardle presented the details of the bug at the Def Con hacking conference in Las Vegas last week. Zoom had already resolved some of the relevant bugs, but the most harmful one was still present on macOS and has since been fixed. The exploit was successful because it targeted the Zoom installer, which is required to run with specific user permissions in order to install or uninstall the main Zoom application from a computer.
A security researcher discovered a way for an attacker to use the macOS version of Zoom to take control of the entire operating system last week. The Verge reports that Mac security expert Patrick Wardle presented the exploit’s specifics this week at the Def Con hacking conference in Las Vegas.
The analyst also highlighted one unpatched vulnerability that still impacts systems today, while Zoom has previously resolved several of the related problems.
The Zoom installer, which must be launched with specific user permissions in order to install or uninstall the main Zoom application from a computer, is the target of the vulnerability. When a user initially adds the application to the system, the installer asks them to enter their password; however, Wardle discovered that an auto-update function then runs continuously in the background with superuser rights.
Whenever Zoom released an update, the updater function would install the new package after verifying that it had been cryptographically signed by Zoom.
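
For defenders triaging a fleet against the affected range quoted from Zoom's security update above (5.7.3 up to, but not including, 5.11.5), the following is an added example and not code from Zoom or from the original article. It assumes an inventory export of `host,version` lines; the hostnames, build numbers and inventory format are constructed for illustration.

```python
import re

# Affected range as stated in Zoom's security update quoted in the article:
# starting with 5.7.3 and prior to 5.11.5 (5.11.5 carries the fix).
FIRST_AFFECTED = (5, 7, 3)
FIRST_FIXED = (5, 11, 5)
CVE = "CVE-2022-28756"

def parse_version(text):
    """Return the leading dotted version as a 3-tuple of ints, or None.

    Accepts '5.11.5', '5.11.5 (9788)', '5.11.5.9788' or '5.10' (padded to 5.10.0).
    """
    match = re.match(r"\s*(\d+(?:\.\d+){1,3})", text or "")
    if not match:
        return None
    parts = [int(p) for p in match.group(1).split(".")][:3]
    return tuple(parts + [0] * (3 - len(parts)))

def classify(version_text):
    """Classify one reported Zoom macOS client version against the CVE range."""
    version = parse_version(version_text)
    if version is None:
        return "unknown"          # unparseable: needs a manual look
    if FIRST_AFFECTED <= version < FIRST_FIXED:
        return "affected"
    return "not affected"

def triage(inventory_lines):
    """Map 'host,version' inventory lines to {host: classification}."""
    results = {}
    for line in inventory_lines:
        host, _, version_text = line.strip().partition(",")
        if host:
            results[host] = classify(version_text)
    return results

# Constructed sample inventory (hostnames and build numbers are made up).
SAMPLE = [
    "mac-001,5.11.5 (9788)",
    "mac-002,5.10.4 (6592)",
    "mac-003,5.7.3",
    "mac-004,5.7.1 (1234)",
    "mac-005,not installed",
]

if __name__ == "__main__":
    for host, status in triage(SAMPLE).items():
        print(f"{host}: {status} for {CVE}")
```
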