Head Topics

Security researcher reveal Zoom flaws that could've allowed attackers to take over your Mac | Engadget

Norge Nyheter Nyheter

Security researcher reveal Zoom flaws that could've allowed attackers to take over your Mac | Engadget
Norge Siste Nytt,Norge Overskrifter
  • 📰 engadget
  • ⏱ Reading Time:
  • 53 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 25%
  • Publisher: 63%

Security researcher reveal Zoom flaws that could've allowed attackers to take over your Mac

, Patrick Wardle presented two vulnerabilities during the conference. He found the first one in the app's signature check, which certifies the integrity of the update being installed and examines it to make sure that it's a new version of Zoom. In other words, it's in charge of blocking attackers from tricking the automatic update installer into downloading an older and more vulnerable version of the app.

Wardle discovered that attackers could bypass the signature check by naming their malware file a certain way. And once they're in, they could get root access and control the victim's Mac.another bug. This second vulnerability could have given attackers a way to circumvent the safeguard Zoom set in place to make sure an update delivers the latest version of the app. Wardle reportedly found that it's possible to trick a tool that facilitates Zoom's update distribution into accepting an older version of the video conferencing software.

Zoom already fixed that flaw, as well, but Wardle found yet another vulnerability, which he has also presented at the conference. He discovered that there's a point in time between the auto-installer's verification of a software package and the actual installation process that allows an attacker to inject malicious code into the update. A downloaded package meant for installation can apparently retain its original read-write permissions allowing any user to modify it.

Vi har oppsummert denne nyheten slik at du kan lese den raskt. Er du interessert i nyhetene kan du lese hele teksten her. Les mer:

engadget /  🏆 276. in US

Norge Siste Nytt, Norge Overskrifter

Similar News:Du kan også lese nyheter som ligner på denne som vi har samlet inn fra andre nyhetskilder.

Two years after Zoom incident, Jeffrey Toobin leaving CNNTwo years after Zoom incident, Jeffrey Toobin leaving CNNJeffrey Toobin, who rejoined CNN as a legal analyst after stepping away in the wake of exposing himself to colleagues in a Zoom call, said Friday that he was leaving the network after 20 years.
Les mer »

The Zoom installer let a researcher hack his way to root access on macOSThe Zoom installer let a researcher hack his way to root access on macOSUpdate your app.
Les mer »

Two similar Mobile murders one day apart – one is a capital case, the other is notTwo similar Mobile murders one day apart – one is a capital case, the other is notTwo murders. Two child victims. Two different sets of charges. The approach by the Mobile County District Attorney’s Office to killings that occurred a day apart in May have drawn attention to the discretion prosecutors exercise in determining whether or not to bring capital murder charges.
Les mer »

Julio Rodríguez drives in two, George Kirby gets win in Mariners 6-2 victory over RangersJulio Rodríguez drives in two, George Kirby gets win in Mariners 6-2 victory over RangersStar rookie Julio Rodriguez got two hits in his return to the Seattle lineup and the Mariners took over the first wild-card position in the American League by beating the Texas Rangers 6-2 on Friday night. FOX13
Les mer »

Political Notebook: Two independents file to run for Tucson mayorPolitical Notebook: Two independents file to run for Tucson mayorFor Star subscribers: The independents running for Tucson mayor disagree on whether there's only room for one of them.
Les mer »



Render Time: 2025-03-13 09:19:39