Zoom’s update for Mac patches high-severity flaw that let hackers access system files

The app’s older version has a bug in the auto-update feature that can be exploited to get root access of your files.

• The issue has been fixed in the new update (version 5.11.5) for macOS.
• Mac security researcher Patrick Wardle first reported on the issue at the DEF CON hacking conference .
• Zoom versions 5.7.3 to 5.11.3 of its macOS app contain the bug, and users are suggested to update their app.

Zoom has released an update of its macOS app that addresses a high-severity security flaw in the app’s automatic update feature. The video conferencing service stated that versions 5.7.3 to 5.11.3 of its macOS app contain a bug in the auto-update feature that can be exploited to get root access on the operating system. The issue has been fixed in the new update (version 5.11.5) for macOS.

The Zoom package installer employed a poor security certificate test, and files with the same name as Zoom’s package could easily trick it. Following that, your MacBook sees the hacker as someone who can access your files and also create new files, which allows them to add any kind of malware to your system. Mac security researcher Patrick Wardle first reported on the issue at the DEF CON hacking conference, which took place in Las Vegas last Friday.

Source Link