An update for the virtual meeting platform Zoom on macOS could have allowed a hacker to control a user's operating system.
Zoom acknowledged the issue (CVE-2022-28756) and addressed it with an update to the patch.
Versions 5.7.3 to 5.11.5 of the macOS app contained a vulnerability in the auto-update process that could be exploited by a local low-privileged user to gain root privileges on the operating system.
The vulnerability has been patched, and the fixed Zoom app for macOS is readily available.
The dropped ball was flagged by Mac security researcher Patrick Wardle.
Mahalo to everybody who came to my @defcon talk “You’re M̶u̶t̶e̶d̶ Rooted” 🙏🏽
Was stoked to talk about (& live-demo 😅) a local priv-esc vulnerability in Zoom (for macOS).
Currently there is no patch 👀😱
— patrick wardle (@patrickwardle) August 12, 2022
In Zoom's August security bulletin, the virtual meeting platform confirmed: “A local low-privileged user could exploit this vulnerability to escalate their privileges to root.
“Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from https://zoom.us/download.”
The researcher who flagged the issue was quick to laud Zoom for its incredibly quick fix.
🐛 Bug assigned CVE-2022-28756
🩹 Patch now available, in Zoom v5.11.5 (9788)
See Zoom’s security bulletin: https://t.co/xUpE4jS6ck
— patrick wardle (@patrickwardle) August 14, 2022
At the Def Con hacking conference in Las Vegas, Wardle showed a way to exploit the macOS version of Zoom, which prompted Zoom to address some bugs.
How it works
As originally designed, the Zoom updater function would install a new package only after verifying that it had been cryptographically signed by Zoom.
A bug in the checking method meant that giving the updater any file with the same name as Zoom's signing certificate would be enough to pass the check.
As a result, a hacker could substitute any kind of malware program and have it run by the updater with elevated privilege.
In simple terms, once the attacker has gained initial access to the target system, they may exploit the system further to a higher level of control.
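The flaw described above, modelled as an added example (not Zoom's code and not part of the original article): a check that trusts a name the file's creator controls, beside one that verifies the bytes about to be installed. The signer name, key and packages are constructed, and HMAC-SHA256 stands in for a real code signature so the example runs with the standard library only.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed values for this model; none are Zoom's real names or keys.
TRUSTED_SIGNER = "Example Vendor Signing Certificate"
VENDOR_KEY = b"constructed-demo-key"  # HMAC stands in for a real code signature


@dataclass
class Package:
    filename: str      # chosen by whoever places the file on disk
    payload: bytes     # what the updater would run with elevated privilege
    signature: bytes   # tag that should bind the payload to the vendor


def sign(payload: bytes) -> bytes:
    """Vendor-side signing (stand-in: HMAC-SHA256 over the payload)."""
    return hmac.new(VENDOR_KEY, payload, hashlib.sha256).digest()


def weak_check(pkg: Package) -> bool:
    """Flawed: trusts a name the file's creator controls, ignores the contents."""
    return TRUSTED_SIGNER in pkg.filename


def strict_check(pkg: Package) -> bool:
    """Hardened: recompute the signature over the bytes that will be installed."""
    return hmac.compare_digest(sign(pkg.payload), pkg.signature)


def audit(pkgs):
    """Return (filename, weak, strict); weak=True with strict=False is the gap."""
    return [(p.filename, weak_check(p), strict_check(p)) for p in pkgs]


# Constructed sample packages.
genuine = Package(TRUSTED_SIGNER + ".pkg", b"real update", sign(b"real update"))
renamed = Package(TRUSTED_SIGNER + ".pkg", b"other content", b"\x00" * 32)
tampered = Package("update.pkg", b"real update!", sign(b"real update"))

if __name__ == "__main__":
    for name, weak, strict in audit([genuine, renamed, tampered]):
        gap = "  <-- name-only check would accept this" if weak and not strict else ""
        print(f"{name!r}: weak={weak} strict={strict}{gap}")
```

The takeaway for an updater that runs as root is that the trust decision must be bound to the package contents and a pinned signer identity, never to a string that an unprivileged local user can set.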