• The macOS installer for Zoom installer could let hackers hijack y

    From TechnologyDaily@1337:1/100 to All on Mon Aug 15 13:30:03 2022
    The macOS installer for Zoom installer could let hackers hijack your device

    Date:
    Mon, 15 Aug 2022 12:26:32 +0000

    Description:
    Update Zoom now or face possible macOS hijacking, experts warn.

    FULL STORY ======================================================================

    Zoom has patched a serious security flaw that could have allowed hackers to take over a macOS device running the video conferencing software.

    The move came after Mac security specialist Patrick Wardle demonstrated how a threat actor could abuse the way macOS handles software patches to trigger an escalation of privilege and essentially take over the device.

    Initially, he said the vulnerability leveraged multiple flaws, and that the company addressed most of them. One remained, however, and that one was patched on a later date to finally fully mitigate the issue.

    Tricking the updater

    The problem lies in the way macOS handles updates. When a user first tries to install an app or a program on the endpoint, they need to run with special user permissions, often given by submitting a password. After that, auto-updates run indefinitely, with superuser privileges.

    In Zoom's case, the updater would first check to see if the company cryptographically signed the new package, and if so, proceed with the update. However, should the updater get any file with the same name as Zoom's signing certificate, it would run it. In other words, an attacker could slip in any malware through the updater, even if it meant giving a third party full access to the device.

    The flaw was later identified as CVE-2022-28756, and was fixed in Zoom
    version 5.11.5 for macOS, which is available now to download.

    Even though at first Wardle described the flaw as relatively easy to fix,
    even he was surprised at the speed at which Zoom addressed the issue: "Mahalos to Zoom for the (incredibly) quick fix!" Wardle tweeted afterwards. "Reversing the patch, we see the Zoom installer now invokes lchown to update the permissions of the update .pkg, thus preventing malicious subversion."

    Via: The Verge



    ======================================================================
    Link to news story: https://www.techradar.com/news/the-macos-installer-for-zoom-installer-could-let-hackers-hijack-your-device/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)