New_Style_xd Posted September 20, 2022 Share Posted September 20, 2022 Lessons to remember from DEF CON 30: Vulnerability in Zoom for macOS. In March 2020, when the entire world was just starting to deal with remote work, a vulnerability was discovered in the installation package for Zoom — one of the world's top remote communication tools — allowing arbitrary code execution on Apple computers. . Zoom fixed the vulnerability… sort of. Moving forward in time, now in August 2022, a similar loophole was found (in terms of location and exploration consequences). What is the latest vulnerability? The new issue in the Zoom video conferencing app was highlighted by renowned researcher Patrick Wardle at DEF CON 30 in early August this year. In short, some bugs were found in Zoom's auto-update system for Apple users. These bugs, in theory, made it possible to obtain so-called superuser rights, which allow a would-be attacker to do whatever he wants on a victim's computer. To exploit the vulnerability, however, the malicious person needed to have physical access to the computer, albeit without special rights. But this is not a totally unrealistic scenario: for example, the user can go to lunch and forget to lock the computer. Theoretically, the vulnerability could also be exploited by malware, which would otherwise not cause serious harm to the user. Link to comment Share on other sites More sharing options...
SeedTheNet Posted September 21, 2022 Share Posted September 21, 2022 I actually hate ZOOM and hate ZOOM Meetings Seeding the net.. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now