A flaw on macOS that could let a hacker take over a user’s operating system has been fixed by Zoom (via MacRumors). Zoom acknowledges the problem (CVE-2022-28756) in an update to its security notice and says a fix is available in version 5.11.5 of the Mac app, which you can (and should) download right now.
The vulnerability was first discovered and disclosed at the Def Con hacking conference last week by Patrick Wardle, a security researcher and the creator of the Objective-See Foundation, a charity that develops open-source macOS security tools. Corin Faife, a coworker of mine, attended the event and reported on Wardle’s findings.
The attack targets the Zoom installer, as Corin explains, which requires special user permissions to run. Using this approach, Wardle found that by including Zoom’s cryptographic signature on a package, hackers could essentially “fool” Zoom into downloading malicious software. From there, attackers can gain further access to a user’s system, giving them the ability to change, remove, or add files.
“Thank you, Zoom, for the (freaking) rapid remedy!” Wardle stated in reaction to Zoom’s update. “Reversing the fix reveals that the Zoom installer now calls lchown to modify the permissions of the update package, stopping malicious subversion as a result.”
To install the 5.11.5 update, open Zoom on your Mac and select zoom.us (this may differ depending on the country you’re in) from the menu bar at the top of the screen. Choose Check for updates, and if an update is available, Zoom will show a window with the most recent version of the app and information about what has changed. From there, choose Update to begin the download.