Zoom has released yet another Mac update to address a severe security problem.
Before you connect into Zoom to begin your next video conference, you should take a few moments to update your app. Zoom just issued a security patch to address a significant flaw that might allow a hacker to take control of your system.
Patrick Wardle of the Unbiased Foundation found the vulnerability, which includes Zoom’s automated updater, which operates as a root user and does not necessitate a user password. When the updater runs, it checks to verify if the software updates are signed by Zoom, but Wardle noticed that it merely checks if the file name matches the signing certificate. A hacker may then acquire access to the Mac by using a new programme with the same name as the certificate.
Zoom has a spotty security record. It has previously experienced issues with unwanted microphone access, a lack of encryption, and unauthorised individuals invading meetings. Zoom’s upgrades have addressed these issues.
How To Update Zoom on your device?
Zoom may autoupdate when you run the software, however it may not download the most recent version (5.11.6) (this occurred to me) (9098). Launch Zoom and navigate to zoom.us > About Zoom to verify the version. If you don’t have the most recent version, you’ll have to manually upgrade it.
The 5.11.5 (9788) upgrade does not appear to properly cure the issue. Zoom has released another version that appears to be a remedy. (Is the third time the charm?) The 5.11.6 (9098) update is now available.
Reason Behind the New Update
According to an ArsTechnica study into the popular cloud video chat service, a serious security weakness that allowed someone with malicious intent to get root access to Mac customers’ systems had to be fixed.
As a consequence, hackers would be able to take over their systems. The Zoom auto-update application, which had root access to the system, appears to be the cause of this vulnerability. For this programme, there was just a signature verification mechanism available, and it was simple to trick it by giving your package a recognisable file name.
Zoom Mac Update
Zoom Mac Update