Zoom has issued its latest update while fixing several security flaws and bugs. One off the bugs could even allow a hacker to take control of the users' Apple Mac. A MacRumors report has revealed that "Zoom has released a new version of its macOS app with a fix for a security vulnerability affecting the app's automatic updates feature.” Zoom has acknowledged the issue (CVE-2022-28756) on its security bulletin and confirmed that a fix has been included in the latest version 5.11.5 of the app on Mac.
The bug was first discovered by Patrick Wardle, a security researcher and founder of the Objective-See Foundation, which is a non-profit organisation that creates open-source macOS security tools, The Verge reported. The report further quoted Corin that the flaw targets the Zoom installer on the macOS. He found that online hackers could easily “trick” Zoom by installing a malicious program while injecting Zoom's cryptographic signature on the package. This way, hackers can gain access to the Mac system and easily modify, delete or add files to the system.
Wardle said in a tweet while responding to Zoom's update, “Reversing the patch, we see the Zoom installer now invokes lchown to update the permissions of the update .pkg, thus preventing malicious subversion.” All Apple Mac users are advised to install the latest 5.11.5 update on Zoom. Know how to update the Zoom App on your Apple macOS.
If you are using the Zoom app on your Apple Mac, then you should update it now to the latest version. You will first need to open the app on your Mac.
Then open the menu bar at the top of your screen.
Now, check for the updates, if one’s available. If there are any updates, then Zoom will show a window with the latest app version along with
Read more on tech.hindustantimes.com