With root, of course, it'd be easy to install malware or carry out other forms of malfeasance.Īt its crux, the bug exploits the way Zoom installs itself on Apple machines. To exploit it, an attacker would have to replace a bash script during an installation or upgrade of the vulnerable version. One of the bugs, a privilege escalation vulnerability, could let an attacker obtain root privilege. Wardle, who works as a Principal Security Researcher for Apple device management platform Jamf, detailed the bugs, both of which are still unpatched, in an Objective-See blog Wednesday. The issues specifically exist in Zoom's macOS client, according to longtime Apple security researcher Patrick Wardle. As if Zoom - the video conferencing app that countless companies are using to do work in wake of the COVID-19 pandemic – didn’t have enough of a privacy nightmare on its hands, a researcher today disclosed two new zero day vulnerabilities in the app that could be used to steal data and spy on users.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |