The app’s older version has a bug in the auto-update feature that can be exploited to get root access of your files.
Zoom has released an update of its macOS app that addresses a high-severity security flaw in the app’s automatic update feature. The video conferencing service stated that versions 5.7.3 to 5.11.3 of its macOS app contain a bug in the auto-update feature that can be exploited to get root access on the operating system. The issue has been fixed in the new update (version 5.11.5) for macOS.
The Zoom package installer employed a poor security certificate test, and files with the same name as Zoom’s package could easily trick it. Following that, your MacBook sees the hacker as someone who can access your files and also create new files, which allows them to add any kind of malware to your system. Mac security researcher Patrick Wardle first reported on the issue at the DEF CON hacking conference, which took place in Las Vegas last Friday.
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |