zoom installer flaw can give attackers root access to your mac

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

A security researcher has discovered a flaw in Zoom on macOS that could allow attackers to gain root access and control the entire operating system — and the issue has yet to be fully fixed.

Patrick Wardle, a veteran security researcher who formerly worked for the NSA, shared his findings in a presentation at the Defcon conference in Las Vegas on Friday, according to The Verge.

The attack works by leveraging the Zoom for macOS installer, which requires special user permissions to be able to install or uninstall Zoom from a Mac. More specifically, Wardle discovered that the installer as an auto-update function that continues to run in the background with elevated privileges.

Whenever Zoom issued an update to its video conferencing platform, the auto-updater would install the update after checking that it legitimate. However, a flaw in the cryptographic verification method meant that an attacker could trick the updater into thinking a malicious file was signed by Zoom.

Since the updater runs with superuser privileges, Wardle found that an attacker could run any sort of program through the update function — and gain those privileges. And, Zoom let the flaw exist for months.

“To me that was kind of problematic because not only did I report the bugs to Zoom, I also reported mistakes and how to fix the code,” Wardle said to The Verge “So it was really frustrating to wait, what, six, seven, eight months, knowing that all Mac versions of Zoom were sitting on users’ computers vulnerable.”

As a privilege escalation attack, the flaw could allow attackers to gain “root” or “superuser” privileges on a Mac. In theory, that could allow them to add, remove, or modify any file on the machine.

Although Zoom issued an initial patch a months weeks before the event, Warlde said that the update contained another bug that could have allowed attackers to continue exploiting the flaw.

He soon disclosed the second bug and waited eight months to publish his own research.

A few months before the Defcon conference in August, Wardle says that Zoom issued another patch that fixed the bugs he initially discovered. However, this latest patch still contains errors that could allow an attacker to leverage the flaw.

The second bug is currently still active in the latest update for Zoom. It’s apparently easy to fix, so Wardle hopes that talking about it publicly at Defcon will get Zoom to quickly issue a patch.

How to protect yourself

Since the flaw is currently still present in the latest version of Zoom, the only way to completely mitigate it is to stop using the Zoom installer. You can also go one step further and delete the installer from your Applications folder in macOS.

Users who still require Zoom access can download the Mac App Store version of the app. Alternatively, you can also join Zoom meetings from most standard web browsers.

TECH NEWS RELATED

Trust this computer does not appear on iPhone [Easy Fix]

iOS devices are great, and they have several security features that make them more secure than their competitors. Many users reported that Trust this computer message is not appearing for them, and in today’s article we’re going to show you how to fix that. iPhone is a great device, ...

View more: Trust this computer does not appear on iPhone [Easy Fix]

Your iPhone is not sending pictures? Here’s how to fix it

Sending files over your phone is a necessity, but sometimes certain issues can appear, especially on iPhone. Users reported that the iPhone is not sending pictures at all, but there’s a way to fix this problem, and it’s simpler than you think. Don’t hesitate to explore our Mac section ...

View more: Your iPhone is not sending pictures? Here’s how to fix it

The driver required for this iPhone is not installed [Fixed]

You may encounter The driver required for this iPhone is not installed when connecting your iPhone to PC. In this article, we explore a few troubleshooting steps to help you resolve this error. Check out our dedicated Troubleshooting hub for more useful articles on a variety of subjects. Consider ...

View more: The driver required for this iPhone is not installed [Fixed]

Fix: Gboard has stopped working [Android/iPhone/Tablet]

Having your Gboard stop working while you’re in the middle of using the service can cause you some stress, but this article will help. In this guide, we will discuss the best way to solve the Gboard error message on Android, iPhone, and tablet. Explore guides for a variety ...

View more: Fix: Gboard has stopped working [Android/iPhone/Tablet]

Today in Apple history: Apple IPO mints instant millionaires

December 12, 1980, was an incredibly important day for Apple. Photo: Ste Smith/Cult of Mac/401Calculator December 12, 1980: Apple goes public, floating 4.6 million shares on the stock market at $22 per share. In the biggest tech IPO of its day, more than 40 out of 1,000 Apple employees ...

View more: Today in Apple history: Apple IPO mints instant millionaires

Browse the Web from Your Wrist with µBrowser

Have you ever looked down at your Apple Watch and thought, “I wish I could browse the Web from my wrist!” OK, probably not. But now you can anyway, thanks to the $0.99 µBrowser from developer Arno Appenzeller, who specializes in fun and cheap little utilities like PiPifier and ...

View more: Browse the Web from Your Wrist with µBrowser

Hyundai Releases Major Redesign of Its iPhone and Android App

The smarter cars out there are getting, the more important mobile companion apps are becoming for the overall experience with a specific model.

View more: Hyundai Releases Major Redesign of Its iPhone and Android App

Editor's Desk: Future products, litigation, and inside Apple's design studio

Source: iMore You may have noticed there hasn’t been an Editor’s Desk column for the last couple of weeks. With a wealth of deals on Apple products to let you know about, and a dearth of actual Apple news to share, most of our team’s time was occupied with the ...

View more: Editor's Desk: Future products, litigation, and inside Apple's design studio

LittleBITS: Unlocking the Commons and Extending the Gmail App

Apple's AirTag drops to $25 for Amazon Prime members at Woot

Windows 11 receives no support for Apple’s M1 chip

Epic Games vs Apple trial, verdict, and aftermath - all you need to know

TSMC talks to Germany about potential new chip plant

Intel Alder Lake Mobility CPUs are faster than Apple M1 Max, and AMD 5980HX

How to sync iPhone files with Windows 11’s iCloud

Got a Windows 10 Apple iPhone driver error? Fix it now

Best Apple Watch cases 2021

Comment: AirPods 3 from an AirPods Pro user’s perspective

Log4Shell: This dangerous exploit can affect everything from Apple to Minecraft

This webpage wants to run Apple from Apple Inc pop-up [FIX]

OTHER TECH NEWS

Top Car News Car News