As you know, zoom is one of those corporations that has already made its way to the shore of controversies. These controversies involve the hijacking of the zoom meeting, blocked IDs, and several other issues that we could ever assume. So, what about it? Does this make any sense to today’s topic? Yeah, it definitely, does. The reason we’re reading this is that zoom made its way into another trap and how it ended up in such a situation. Let’s talk about it.
American Communication Tech Company, Zoom
A patch is unleashed to fix a bug on macOS that could allow a hacker to take over the user’s operating system. What? Mac! Yes, you heard it right. For a few days, Apple Devices are beginning to have issues that are somewhat related to cybersecurity. This case is one of those!
When Zoom, whose headquarters is in San Jose, did know about this issue in the system, they took immediate action on it. They issued a security bulletin that says the latest update is already available with the security issues. So, users don’t need to worry about anything.
Related news here.Click Here Now!
Zoom said in the bulletin, update the “high” severity
“The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.5 contains a vulnerability in the auto-update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.”
There are several potential hackers that could use this vulnerability to their advantage, and make the situation worse for the victim. If anyone got access to the case, then that means the data of several people would be in danger.
Previously, a security researcher got a technique that if used by an attacker, might try to leverage the macOS version of Zoom. That’s to gain access to the entire operating system. Moreover, as a cyber security aspirant, you do know what would happen if someone had control over your operating system.
The first person to observe the moments of the bug was Patrick Wardle. After observing such abnormal behavior he presented it at the Def Con hacking conference which was held earlier this month in Las Vegas.
The Verge, Report
This bug is used to attack the installation feature of Zoom that needs special user permissions to run. It has been observed by the researcher that an adversary could potentially trick Zoom into implementing malware by placing the Organization’s Cryptographic Signature on the package.
Well, you could say that it’s one of the cheapest tricks that adversaries try to implement. But even these kinds of tricks can also put your data in danger. Now, after doing that, the hackers then gain access to a user’s system, letting them modify/ delete/ add files on the device.
As there were several attacks involving Zoom in the past, one of the attacks was so severe that it left one of the bugs in it. Previously several bugs were fixed by Zoom, but the company left the dangerous one behind with macOS, which has now been fixed.
Advice For Users
The company has advised users to download Zoom’s latest 5.11.5 update. That fixed the issue by opening the application on Mac and clicking on zoom.us from the menu bar that is located at the top of your screen. After that, just simply check for new updates and download them if available.
Mostly, the companies search for these kinds of bugs themselves, but from the point where they started bug bounty programs, they got the benefit of faster action on the attacks and made the effect of such attacks ineffective.
Users of online platforms can just rely on new updates. There they could try to learn about how things work and how to secure themselves from the malicious attacks that run online.
Watch out for more news here: