Following responsible disclosure protocols, Wardle informed Zoom about the vulnerability in December of last year. To his frustration, he says an initial fix from Zoom contained another bug that meant the vulnerability was still exploitable in a slightly more roundabout way, so he disclosed this second bug to Zoom and waited eight months before publishing the research.
“To me that was kind of problematic because not only did I report the bugs to Zoom, I also reported mistakes and how to fix the code,” Wardle told The Verge in a call before the talk. “So it was really frustrating to wait, what, six, seven, eight months, knowing that all Mac versions of Zoom were sitting on users’ computers vulnerable.”

A few weeks before the Def Con event, Wardle says Zoom issued a patch that fixed the bugs that he had initially discovered. But on closer analysis, another small error meant the bug was still exploitable.
In the new version of the update installer, a package to be installed is first moved to a directory owned by the “root” user. Generally, this means that no user without root permission can add, remove, or modify files in this directory. But because of a subtlety of Unix systems (of which macOS is one), when an existing file is moved from another location into the root-owned directory, it retains the same read-write permissions it previously had. So, in this case, it can still be modified by a regular user. And because it can be modified, a malicious user can still swap the contents of that file with a file of their own choosing and use it to become root.
While this bug is currently live in Zoom, Wardle says it’s very easy to fix and that he hopes that talking about it publicly will “grease the wheels” to have the company take care of it sooner rather than later.
Zoom had not responded to a request for comment at time of publication.