
Zoom releases patch for Mac root access flaw

Written by Fri 19 Aug 2022


Video conferencing company Zoom has released a patch for a vulnerability in its macOS client discovered by security researcher Patrick Wardle.

Present in versions 5.7.3 to 5.11.3 of Zoom for macOS, the flaw let a local attacker abuse the Zoom package installer to gain root privileges on the Mac.

While the Zoom client itself runs with ordinary user permissions, the auto-update helper that runs in the background has far wider system privileges. Before installing an update, that helper is supposed to confirm the package is legitimate by verifying that it carries Zoom's cryptographic signature.

But Patrick Wardle, founder of macOS security tools developer Objective-See, found that the check effectively matched on a name rather than a signature: any file renamed so that it contained the expected Zoom signing identity was accepted as legitimate. A fault like this lets a rogue actor hand the privileged Zoom updater a file of their own choosing and have it run as root.
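As an added illustration (not code from the original article and not Zoom's own updater code), the Python sketch below contrasts the two kinds of check described above. The flawed check searches the whole output of `pkgutil --check-signature` for the expected signer string; because that tool echoes the package's file name on its first line, a file named to contain the string passes. The stricter check accepts only a signed status line together with an exact match on the leaf certificate of the chain. The three sample outputs are constructed by hand in the shape of pkgutil's output and are not captured from Zoom's installer; the signer identity is Zoom's Developer ID Installer name, used here as the expected value for illustration.

```python
"""Name-match versus signer-match for installer packages (added example)."""
import re
import subprocess

# Identity the updater expects to see on the package (illustrative expected value).
EXPECTED_SIGNER = "Developer ID Installer: Zoom Video Communications, Inc. (BJ4HAAB9B3)"

# Constructed sample: a genuinely signed package.
GENUINE_OUTPUT = """Package "zoomusInstaller.pkg":
   Status: signed by a developer certificate issued by Apple for distribution
   Certificate Chain:
    1. Developer ID Installer: Zoom Video Communications, Inc. (BJ4HAAB9B3)
       Expires: 2027-02-01 12:12:15 +0000
    2. Developer ID Certification Authority
       Expires: 2027-02-01 22:12:15 +0000
    3. Apple Root CA
       Expires: 2035-02-09 21:40:36 +0000
"""

# Constructed sample: an unsigned file whose *name* carries the signer string.
# pkgutil echoes the file name on the first line of its output.
RENAMED_OUTPUT = """Package "Developer ID Installer: Zoom Video Communications, Inc. (BJ4HAAB9B3).pkg":
   Status: no signature
"""

# Constructed sample: signed by some other developer, again with a crafted name.
OTHER_SIGNER_OUTPUT = """Package "Developer ID Installer: Zoom Video Communications, Inc. (BJ4HAAB9B3).pkg":
   Status: signed by a developer certificate issued by Apple for distribution
   Certificate Chain:
    1. Developer ID Installer: Example Corp (ABCDEF1234)
       Expires: 2026-05-01 00:00:00 +0000
    2. Developer ID Certification Authority
       Expires: 2027-02-01 22:12:15 +0000
    3. Apple Root CA
       Expires: 2035-02-09 21:40:36 +0000
"""


def vulnerable_check(output: str) -> bool:
    """Flawed check: the signer string anywhere in the output is enough,
    including inside the echoed file name. A rename defeats it."""
    return EXPECTED_SIGNER in output


def hardened_check(output: str) -> bool:
    """Stricter check: require a signed status AND an exact match on the
    leaf (entry 1) of the certificate chain. The file name is ignored."""
    lines = output.splitlines()
    status_ok = any(
        re.match(r"\s*Status: signed by a developer certificate", line)
        for line in lines
    )
    leaf = None
    in_chain = False
    for line in lines:
        if line.strip() == "Certificate Chain:":
            in_chain = True
            continue
        if in_chain:
            m = re.match(r"\s*1\.\s+(.+?)\s*$", line)
            if m:
                leaf = m.group(1)
            break  # only the first chain entry is the signer
    return status_ok and leaf == EXPECTED_SIGNER


def check_package(path: str) -> bool:
    """Run the real tool on macOS and apply the hardened check. Not exercised
    by the samples above; requires /usr/sbin/pkgutil to exist."""
    out = subprocess.run(
        ["/usr/sbin/pkgutil", "--check-signature", path],
        capture_output=True, text=True, check=False,
    ).stdout
    return hardened_check(out)


if __name__ == "__main__":
    for name, sample in [("genuine", GENUINE_OUTPUT),
                         ("renamed", RENAMED_OUTPUT),
                         ("other signer", OTHER_SIGNER_OUTPUT)]:
        print(f"{name:13s} vulnerable={vulnerable_check(sample)} "
              f"hardened={hardened_check(sample)}")
```

Parsing tool output correctly is only half of the fix: a privileged helper should also verify a copy of the package held in a location the unprivileged user cannot write, so that what was checked is exactly what gets installed. That is general practice for privileged installers and not a claim about how Zoom's second patch was implemented.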

Wardle said he had reported the flaw to Zoom in December 2021, but it was only after he presented the issue at the recent DEF CON conference that Zoom fully fixed it. In a security bulletin, Zoom said: “The Zoom Client for Meetings for macOS (Standard and for IT Admin) contains a vulnerability in the auto-update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.”

The first patch Zoom released for the issue was, according to Wardle, not enough to remove the flaw; a second fix, issued after DEF CON, closed it fully. This is not the first time Zoom has had to deal with vulnerabilities in its software: the surge in users during the pandemic brought a number of issues to the surface that the company had to fix.
