Saturday, Jul 11, 2026
English News
  • Hyderabad
  • Telangana
  • AP News
  • India
  • World
  • Entertainment
  • Sport
  • Science and Tech
  • Business
  • Rewind
  • ...
    • NRI
    • View Point
    • cartoon
    • My Space
    • Education Today
    • Reviews
    • Property
    • Lifestyle
E-Paper
  • NRI
  • View Point
  • cartoon
  • My Space
  • Reviews
  • Education Today
  • Property
  • Lifestyle
Home | News | Zoom Installer Flaw Can Give Attackers Root Access To Mac Report

Zoom installer flaw can give attackers root access to Mac: Report

San Francisco: A security researcher has found a way that an attacker could leverage the macOS version of Zoom to gain access over the entire operating system. According to The Verge, details of the exploit were released in a presentation by Mac security specialist Patrick Wardle at the Def Con hacking conference in Las Vegas this […]

By IANS
Published Date - 13 August 2022, 03:30 PM
Zoom installer flaw can give attackers root access to Mac: Report
whatsapp facebook twitter telegram

San Francisco: A security researcher has found a way that an attacker could leverage the macOS version of Zoom to gain access over the entire operating system.

According to The Verge, details of the exploit were released in a presentation by Mac security specialist Patrick Wardle at the Def Con hacking conference in Las Vegas this week.


Zoom has already fixed some of the bugs involved, but the researcher also presented one unpatched vulnerability that still affects systems now.

The exploit works by targeting the installer for the Zoom application, which needs to run with special user permissions to install or remove the main Zoom application from a computer.

Though the installer requires a user to enter their password on first adding the application to the system, Wardle found that an auto-update function then continually ran in the background with superuser privileges.

When Zoom issued an update, the updater function would install the new package after checking that it had been cryptographically signed by Zoom.

But a bug in how the checking method was implemented meant that giving the updater any file with the same name as Zoom’s signing certificate would be enough to pass the test — so an attacker could substitute any malware program and have it be run by the updater with elevated privilege, the report said.

The result is a privilege escalation attack, which assumes an attacker has already gained initial access to the target system and then employs an exploit to gain a higher level of access.

In this case, the attacker begins with a restricted user account but escalates into the most powerful user type — known as a “superuser” or “root” — allowing them to add, remove, or modify any files on the machine.

  • Follow Us :
  • Tags
  • Mac
  • MacOS
  • Zoom

Related News

  • India’s ‘AI natives’ demand balance between efficiency and empathy: Zoom study

    India’s ‘AI natives’ demand balance between efficiency and empathy: Zoom study

  • Zoom unveils AI Companion 3.0 at Zoomtopia 2025

    Zoom unveils AI Companion 3.0 at Zoomtopia 2025

  • Zoom expands AI Companion with deeper app integrations, new agentic capabilities

    Zoom expands AI Companion with deeper app integrations, new agentic capabilities

  • Zoom rolls out AI-powered Contact Center in India with BYOC flexibility

    Zoom rolls out AI-powered Contact Center in India with BYOC flexibility

Latest News

  • West bengal government forms committee to examine draft uniform civil code bill

    3 mins ago
  • FSSAI issues nine notices to Swiggy Instamart over alleged food safety violations

    26 mins ago
  • Shubman Gill names Roger Federer as his favourite tennis player

    55 mins ago
  • Centre issues fresh National Anthem, National Song guidelines

    54 mins ago
  • Anne Hathaway says she hopes her children grow up to be like Tom Holland

    56 mins ago
  • Tension prevails as police detain Sabitha Indra Reddy on way to visit Shabad murder victims’ kin

    2 hours ago
  • Akanksha Ranjan joins Dhurandhar trend with behind-the-scenes post from Ikka

    59 mins ago
  • Mild earthquake shakes Hingoli district in Maharashtra

    2 hours ago

company

  • Home
  • About Us
  • Contact Us
  • Privacy Policy

business

  • Subscribe

telangana today

  • Telangana
  • Hyderabad
  • Latest News
  • Entertainment
  • World
  • Andhra Pradesh
  • Science & Tech
  • Sport

follow us

  • Telangana Today Telangana Today
Telangana Today Telangana Today

© Copyrights 2024 TELANGANA PUBLICATIONS PVT. LTD. All rights reserved. Powered by Veegam