Zoom’s latest update on Mac includes a fix for a dangerous security flaw

Zoom has issued a patch for a bug on macOS that could allow a hacker to take control of a user’s operating system (via MacRumors). Zoom acknowledged the issue in a security bulletin update. Zoom says that version 5.11.5 of its app on Mac has a fix. You can (and should!) get it now.

Patrick Wardle, a security researcher who founded the Objective-See Foundation, a non-profit that creates open-source macOS security software, first discovered the flaw and presented it at the Def Con hacking conference. My colleague, Corin Faife, attended the event and reported on Wardle’s findings.

Corin explains that the exploit targets the Zoom installer, which requires special user permissions in order to run. By leveraging this tool, Wardle found that hackers could essentially “trick” Zoom into installing a malicious program by putting Zoom’s cryptographic signature on the package. From here, attackers can then gain further access to a user’s system, letting them modify, delete, or add files on the device.

“Mahalos to Zoom for the (incredibly) quick fix!” Wardle said in response to Zoom’s update. “Reversing the patch, we see the Zoom installer now invokes lchown to update the permissions of the update .pkg, thus preventing malicious subversion.”

Zoom 5.11.5 is available for download by opening the app on a Mac and then hitting zoom.us (this might be different depending on what country you’re in) from the menu bar at the top of your screen. Then, select Check for Updates, and if one’s available, Zoom will display a window with the latest app version, along with details about what’s changing. You can then select Update to start the download.
