We’ve reached out to Wardle for his analysis, and will update if he finds the vulnerability persists.We’re all zooming these days. Now at version 5.11.5, the Mac app for Zoom is supposedly safe from the exploit now. So, Wardle presented it during the Def Con conference is Las Vegas, Nevada.įinally, on Monday, Zoom issued another fix for the Mac app.
The exploit was still there, and still a threat. Yes, another update fixed the second bug, but introduced another one. He advised Zoom of the second bug, and then waited.Įight months later, Zoom hadn’t bothered to fix the exploit. This meant despite the Zoom update, the vulnerability was still present and exploitable, but not quite as easily. An initial fix, Wardle said, contained another bug. Wardle advised Zoom of his findings in December 2021. In this case, the updater flaw would give the attacker “root” access, allowing them to add, modify or remove any files on the Mac they wished. Basically, it means the attacker has already gained access to its target, and uses an exploit to grant it a higher level of access. This is what’s called a privilege escalation attack. New Update Resolves Privilege Escalation Attack Risk That meant an attacker could substitute any sort of malware they wanted and Zoom’s updater would happily run it with elevated privileges.
Unfortunately, the checking method was flawed.Īny file given the same name as Zoom’s signing certificate would pass muster. Whenever Zoom issues an update, the function checks the new package has been cryptographically signed by Zoom. The problem lies within Zoom’s auto-update function, which runs continuously in the background with superuser privileges after installation. Since Zoom has to run with special user permissions to install, remove or update the main app from a computer, it asks for a user to enter their password during installation. Wardle disclosed it during a presentation at the Def Con tracking conference Aug. The exploit was found by Mac security specialist Patrick Wardle. Exploit Takes Advantage of Zoom Update Vulnerability
0 kommentar(er)
