Users zooming with a Mac can rest a little easier. Ars Technica report Zoom yes update its Mac software to patch a vulnerability that would allow intruders to take control of the system. The video calling software’s auto updater not only has root level access, but also has a signature verification system that you can fool just by giving your package a familiar filename. Hackers can force your app to downgrade or enable exploits.
Objective-See Foundation (OSF) creator and researcher Patrick Wardle first discovered the security flaw and disclosed it to Zoom last December. Zoom fixed that issue but threw another error in the process. Zoom also solved that problem, but Wardle still found another vulnerability. The OSF founder discussed his findings at Def-Con last week. Zoom confirmed the issue that day and patched it later.
This isn’t the first time Zoom has faced security headaches, including for the Mac. In 2019, the company raced to fix one exploit intrusive webcam based on a locally created web server. Increased surveillance of Zoom at the start of the COVID-19 pandemic in the spring of 2020 also spurred a comprehensive review of the company’s activities. While that has led to changes, it’s clear that Zoom is not immune to mistakes.
All products recommended by Engadget are curated by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.