Wardle disclosed his findings to Zoom before his talk, and some aspects of the vulnerability were addressed, but key root access was still available as of Wardle's talk on Saturday. Zoom issued a security bulletin later that same day, and a patch for version Zoom 5.11.5 (9788) followed soon after. You can download the update directly from Zoom or click on your menu bar options to "Check for updates." We wouldn't suggest waiting for an automatic update, for multiple reasons. Zoom for Mac By Zoom Video Communications Free Download Now Key Details of Zoom Start or join a 100-person meeting with face-to-face video, high quality screen sharing, and instant messaging Last. ( Update: Clarified Wardle's disclosure and update timing). Zoom's software security record is spotty-and at times, downright scary. Zoom on the Mac App Store Mac App Store Preview Open the Mac App Store to buy and download apps. ![]() The company settled with the FTC in 2020 after admitting that it lied for years about offering end-to-end encryption. ![]() Wardle previously revealed a Zoom vulnerability that let attackers steal Windows credentials by sending a string of text. ![]() Prior to that, Zoom was caught running an entire undocumented web server on Macs, causing Apple to issue its own silent update to kill the server. ![]() Last May, a Zoom vulnerability that enabled a zero-click remote code execution used a similar downgrade and signature-check bypass. Open the Zoom Download Center in your preferred internet browser. Ars' Dan Goodin noted that his Zoom client didn't actually update when the fix for that issue arrived, requiring a manual download of an intermediate version first. If the download fails or you want to do it manually, follow these steps to add the Zoom app to your Mac. Hackers can take advantage of exposed Zoom vulnerabilities quickly, Goodin noted, if Zoom users aren't updated right away.
0 Comments
Leave a Reply. |