Zoom on macOS includes a vulnerability that, if exploited, might give attackers root access and complete control of the operating system. The problem has not yet been fully patched.
According to The Verge, renowned security researcher Patrick Wardle, a former NSA employee, presented his findings on the Zoom flaw at the Defcon conference on Friday in Las Vegas.
The attack is carried out through the Zoom for macOS installer, which needs certain user permissions to install or remove Zoom from a Mac. In particular, Wardle found that the installer contains an auto-update feature that keeps running in the background with higher privileges.
How To Safeguard Oneself From The Zoom Flaw
The auto-updater would install any updates that Zoom released for its video conferencing platform after verifying their validity. But because of a fault in the cryptographic verification process, a malicious file may fool the updater into thinking it was signed by Zoom.
Wardle discovered that, because the updater runs with superuser access, an attacker may execute any program through the update function and gain those same rights. The Zoom flaw has been present for weeks.
Even though Zoom released the first fix a few weeks before the incident, Wardle said that the update had a different weakness that may have allowed attackers to keep using the vulnerability. He quickly revealed the second flaw and waited eight months before publishing his findings.
Wardle claims Zoom released another patch a few months before the Defcon conference in August, fixing the issues he had first found. However, the most recent patch still has bugs that might be exploited by attackers.
The only method to fully prevent the problem is to cease using the Zoom installer, because the problem is still present in the most recent version of Zoom. Additionally, you have the option to remove retained installers.
As an alternative, you may attend Zoom meetings using the majority of popular web browsers.