And here are two new security vulnerabilities for Zoom

It may be a good time to use Zoom more. The more popular the videoconferencing software, the more obvious the carelessness of its developers: end-to-end false encryption, disclosure of personal information, poor installation practices… Once there, it is better to look for an alternative, whether Skype, WhatsApp, or even FaceTime if the loved ones are all equipped with Apple products (recent).

To convince the most recalcitrant, security researcher Patrick Wardle has put your hand on two additional vulnerabilities that specifically affect the Mac. For each of them, the thief must have physical access to the computer, which limits the possibilities of piracy. The fact remains that these are security breaches and that they continue to pile up.

The first allows a forban to obtain the same access rights to the microphone and to the Zoom webcam. The software must indeed ask the user’s permission to access these components essential to its operation. This authorization request has a flaw that allows a bandit to inject malicious code, in order to recover access rights. The latter can then secretly monitor the user.

The second flaw is directly related to the software installation system on macOS, which will far too fast to work. It turns out that a malapris is able to drag code with the privileges of a lambda user in order to obtain root access. It can thus access the lowest and most sensitive layers of macOS, which is not without posing serious security problems.

Zoom hasn’t provided any fixes yet.


Read Also:  ESET researchers discovered new ransomware for Android and created a decryption tool
Share on facebook
Share on pinterest
Share on twitter
Share on linkedin
Share on email


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.