Partick Wardle, the longtime Mac security researcher, presented a bug in Zoom’s automatic update feature on Friday, Aug. 12. Although Zoom has resolved some bug issues, Wardle said there was one unpatched vulnerability that may affect systems now.

automatic updates

(Photo : FRANCK FIFE/AFP via Getty Images)
View of the spectators in videoconference during the live streaming show of French humorists Othman and Kalvin at the Apollo Theatre in Paris on May 14, 2020.

At the Las Vegas DefCon security conference, Wardle detailed that when targeting the installer of the application, special user permission is needed to install or remove Zoom from a computer.

He found out that when a certain user is entering a password, the auto-update function is continuously running in the background with privileges to access the information. Following this, the power to control, add, modify, and remove files on the user’s machine is in the hands of the attacker as they have already gained initial access to the target.

Some vulnerabilities in the presentation were already resolved by Zoom, as Wardle informed the company in December 2021. Yet, he mentioned that the fix led to another bug and might lead to the same problem.

As per the Zoom spokesperson, they have already resolved these security issues and recommend users keep up with the latest update of the application.

In an interview for The Verge, Wardle said that not only did he report the bugs, but he also presented how to fix it and waited six to eight months to resolve the issue, knowing that users who have Mac versions of Zoom are at risk,

Zoom also issued a patch one week before the event, and Wardle analyzed another small bug that it could allow the attackers to exploit the problem.

Wardle stated, “There’s always a potential tradeoff between usability and security, and it’s important for users to install updates. But if it’s opening this broad attack surface that could be exploited, that’s less than ideal.”

Zoom’s Worth Nowadays

Stocks of the company went down by almost 85%, comparing it to their peak during the start of the lockdowns because of the pandemic. $135 billion was the cost of its market value.

Yet many analysts still see Zoom supported by a lot post-pandemic or in the future as many employees prefer working from home to going on site. Through this platform, these employees may help their work more flexibly.

Zoom’s Take on Online Terrorism

After receiving criticism from users who experienced ‘zoombombing’ or a certain cyber-harassment where people interrupt online meetings via the conference application, the company announced 2021 its participation in the Global Internet Forum to Counter Terrorism.

automatic updates

(Photo : FRANCK FIFE/AFP via Getty Images)
View of the spectators in videoconference during the live streaming show of French humorists Othman and Kalvin at the Apollo Theatre in Paris on May 14, 2020. 

Major tech companies such as Microsoft, Amazon, and Meta also participated in the campaign.
The company continues to ensure the users’ security and continues to help and promote a much safer community-fighting terrorism online.

Related Aricle: Zoom Wants to Make the Digital World Safer, Joins Meta and Others to Fight Global Online Terrorism

This article is owned by TechTimes

Written by Inno Flores

TECH NEWS RELATED

Study shows children of lower economic status more willing to make risky decisions than wealthier children

Probability of choosing the risk option for the two equal EV trials: low value (blue, darker) and high value (red, lighter). Three-way interaction of SES (maternal education) with condition (gain or loss) and trial. Credit: Proceedings of the Royal Society B: Biological Sciences (2022). DOI: 10.1098/rspb.2022.0712 A pair of ...

View more: Study shows children of lower economic status more willing to make risky decisions than wealthier children

Paper by team claiming to have achieved superconductivity at room temperature retracted

Credit: Pixabay/CC0 Public Domain Editors at the journal Nature have retracted a paper by a team that claimed to have achieved superconductivity at room temperature. Published in 2020, the paper described work by a combined team from the University of Rochester and the University of Nevada, announcing that they ...

View more: Paper by team claiming to have achieved superconductivity at room temperature retracted

First-ever mycobiome atlas describes associations between cancers and fungi

Rob Knight, PhD, is a professor in the departments of Pediatrics at UC San Diego School of Medicine and Bioengineering and Computer Science at UC San Diego Jacobs School of Engineering. Credit: UC San Diego Health Sciences An international team of scientists, co-led by researchers at the University of ...

View more: First-ever mycobiome atlas describes associations between cancers and fungi

New evidence for liquid water beneath the south polar ice cap of Mars

The left-hand panel shows the surface topography of Mars’s south pole, with the outline of the south polar cap in black. The light blue line shows the area used in the modelling experiments, and the green square shows the region containing the inferred subglacial water. The ice in the ...

View more: New evidence for liquid water beneath the south polar ice cap of Mars

Ozone pollution threatens plant health and makes it harder for pollinators to find flowers

A bee pollinates a sunflower. Credit: Evgenios Agathokleous Over the past decades, rising levels of ozone pollution have been interrupting pollination, impacting the livelihood of both plants and the animals that pollinate them. In a review published September 29 in the journal Trends in Ecology and Evolution, researchers explain ...

View more: Ozone pollution threatens plant health and makes it harder for pollinators to find flowers

Tokyo's suburban gardens should prepare now for post-pandemic tourism

A quiet suburban garden in Tokyo (May 2022). Credit: Sho Shimoyamada, 2022 Gardens in Tokyo should work together to disperse visitors and avoid the negative effects of overtourism, suggests a new study at the University of Tokyo. This research focused on a group of six suburban gardens which had ...

View more: Tokyo's suburban gardens should prepare now for post-pandemic tourism

New technique enables shaping of electron beams

Recent experiments at the University of Vienna show that light (red) can be used to arbitrarily shape electron beams (yellow), opening new possibilities in electron microscopy and metrology. Credit: stefaneder.at, University of Vienna A new technique that combines electron microscopy and laser technology enables programmable, arbitrary shaping of electron ...

View more: New technique enables shaping of electron beams

New drug has potential to turn SARS-CoV-2 virus against itself

A drug developed by Scripps Research scientists prevents SARS-CoV-2 (blue) from binding to ACE2 receptors (pink) to infect human cells. The drug latches on to the virus and then adds a “nitro group” similar to nitroglycerin to ACE2 whenever the drug-coated virus approaches the receptor. Credit: Scripps Research A ...

View more: New drug has potential to turn SARS-CoV-2 virus against itself

Algae as microscopic biorefineries

Bitcoin as environmentally costly as beef production

Do humans think computers make fair decisions?

Windows 11 gets Android app support in more countries

Apple iPhone 14 review: Minor tweaks but still a great phone

New Royal Ransomware emerges in multi-million dollar attacks

Porsche shares rise in one of Europe's largest market debuts

Scientist resolves one of the holy grails of physical chemistry after 17 years of research

Millions without power, major flooding in Florida hurricane

Three Russian cosmonauts return from space station

Milky Way's graveyard of dead stars found

Centre orders blocking 67 porn websites

OTHER TECH NEWS

Top Car News Car News