6.7 C
London
Wednesday, September 28, 2022

Zoom on Mac’s latest update fixes a dangerous security flaw

Must read

Teen dead after gunmen ambushed 5 high school soccer players in Philadelphia, police say

Five high school football players were shot in a deadly "ambush" after a scrimmage in Philadelphia on Tuesday, authorities said. A 14-year-old boy...

londonbusinessblog.com Session Calendar Announcement: Crypto 2022 • londonbusinessblog.com

The crypto industry has appeared to be aging for decades in the past bull run, maturing in places as it progressed into ambitious new...

Stockly raises another $12 million to sell out-of-stock items through other retailers • londonbusinessblog.com

French startup Stockly raises a $12 million (€12 million) Series A round from Eurazeo, Daphni and several business angels. The company bundles the...

Limit reached – Join the EU Startups CLUB

€147/quarter This option is ideal for companies and investors who want to keep up to date with Europe's most promising startups, have full access...
Shreya Christinahttps://londonbusinessblog.com
Shreya has been with londonbusinessblog.com for 3 years, writing copy for client websites, blog posts, EDMs and other mediums to engage readers and encourage action. By collaborating with clients, our SEO manager and the wider londonbusinessblog.com team, Shreya seeks to understand an audience before creating memorable, persuasive copy.

Zoom has patched a bug in macOS that could allow a hacker to take control of a user’s operating system (through MacRumors). In an update to the security bulletinZoom acknowledges the issue (CVE-2022-28756) and says a fix is ​​included in version 5.11.5 of the app on Mac, which you can (and should) download now.

Patrick Wardle, a security researcher and founder of the Objective-See Foundation, a nonprofit that makes open-source macOS security tools, discovered the flaw and presented it at the Def Con hacking conference last week. My colleague, Corin Faife, attended the event and reported on Wardle’s findings.

As Corin explains, the exploit targets the Zoom installer, which requires special user rights to run. By using this tool, Wardle discovered that hackers could essentially “trick” Zoom into installing a malicious program by placing Zoom’s cryptographic signature on the package. From here, attackers can then gain further access to a user’s system, allowing them to modify, delete, or add files on the device.

“Mahalos to zoom for the (incredibly) quick fix!” Wardle said in response: to the Zoom update. “If we roll back the patch, we see that the Zoom installer now calls lchown to update the .pkg update permissions, preventing malicious subversion.”

You can install the 5.11.5 update on Zoom by first opening the app on your Mac and clicking . to push zoom.us (this may vary depending on the country you are in) in the menu bar at the top of your screen. Then select Check for updates, and if one is available, Zoom will display a window with the latest app version, along with details of what’s changing. Select from here Update to start the download.


More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article

Teen dead after gunmen ambushed 5 high school soccer players in Philadelphia, police say

Five high school football players were shot in a deadly "ambush" after a scrimmage in Philadelphia on Tuesday, authorities said. A 14-year-old boy...

londonbusinessblog.com Session Calendar Announcement: Crypto 2022 • londonbusinessblog.com

The crypto industry has appeared to be aging for decades in the past bull run, maturing in places as it progressed into ambitious new...

Stockly raises another $12 million to sell out-of-stock items through other retailers • londonbusinessblog.com

French startup Stockly raises a $12 million (€12 million) Series A round from Eurazeo, Daphni and several business angels. The company bundles the...

Limit reached – Join the EU Startups CLUB

€147/quarter This option is ideal for companies and investors who want to keep up to date with Europe's most promising startups, have full access...

Ecommerce Discount Startup Checkmate Raises $7.75 Million Seed Round

US-based Australian startup Checkmate has raised $5 million in a seed round. The increase was led by US VC Fuel Capital. Other investors include...