Zoom has released a patch for a bug in its macOS app that could allow a hacker to take control of a user’s operating system (via MacRumors). In an update to its security bulletin, Zoom acknowledges the issue (CVE-2022-28756) and says a fix is included in version 5.11.5 of the app on Mac, which you can (and should) download now.
Patrick Wardle, a security researcher and founder of the Objective-See Foundation, a non-profit organization that creates open source security tools for macOS, first discovered the flaw and presented it at the Def Con hacking conference last week. My colleague Corin Faife attended the event and reported on Wardle’s findings.
As Corin explains, the exploit targets the Zoom installer, which requires special user permissions to run. Leveraging this tool, Wardle found that hackers could “trick” Zoom into installing malware by putting Zoom’s cryptographic signature on the package. From there, attackers can gain further access to a user’s system, allowing them to modify, delete, or add files to the device.
Reversing the patch, we see that the Zoom installer now calls lchown to update the permissions of the update .pkg, thus preventing malicious subversions
— patrick wardle (@patrickwardle) August 14, 2022
“Mahalos to Zoom for the (incredibly) fast fix!” Wardle said in response to Zoom’s update. “By reversing the patch, we see that the Zoom installer now calls lchown to update the permissions of the update .pkg, thus preventing malicious subversion.”
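The fix Wardle describes rests on lchown, which changes the owner and group of the named path itself and does not follow a symbolic link. As an added illustration (not Zoom's code and not taken from Wardle's research), this C example audits a staged package before a privileged process uses it. The function names, the parent-directory check and the temp-file sample in main are assumptions that go beyond what the article states.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <libgen.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* 1 if the object is owned by `trusted` and not writable by group or others. */
static int owner_only(const struct stat *st, uid_t trusted) {
    return st->st_uid == trusted && (st->st_mode & (S_IWGRP | S_IWOTH)) == 0;
}

/* Audit a staged package before a privileged process consumes it (hypothetical
 * helper). Returns 1 only if `path` is a regular file, not a symlink, that other
 * users can neither rewrite nor swap out through its parent directory. */
int pkg_is_locked_down(const char *path, uid_t trusted) {
    struct stat st;
    char buf[PATH_MAX];
    if (lstat(path, &st) != 0 || !S_ISREG(st.st_mode)) return 0;
    if (!owner_only(&st, trusted)) return 0;
    /* Write access to the directory allows rename or unlink of the file. */
    if (snprintf(buf, sizeof buf, "%s", path) >= (int)sizeof buf) return 0;
    if (lstat(dirname(buf), &st) != 0 || !S_ISDIR(st.st_mode)) return 0;
    return owner_only(&st, trusted);
}

/* Hand ownership to the trusted account, then re-audit. lchown() acts on the
 * path itself, so a planted symlink is re-owned rather than its target. */
int lock_down_pkg(const char *path, uid_t trusted, gid_t group) {
    if (lchown(path, trusted, group) != 0) return -1;
    return pkg_is_locked_down(path, trusted) ? 0 : -1;
}

int main(void) {
    /* Constructed sample: a temp directory stands in for the staging area. */
    char dir[] = "/tmp/pkgdemoXXXXXX", pkg[PATH_MAX];
    if (!mkdtemp(dir)) return 1;
    snprintf(pkg, sizeof pkg, "%s/update.pkg", dir);
    close(open(pkg, O_CREAT | O_WRONLY, 0666));
    chmod(pkg, 0666); /* world-writable: the audit must fail */
    printf("mode 0666 audit: %d\n", pkg_is_locked_down(pkg, getuid()));
    chmod(pkg, 0644);
    printf("mode 0644 lock-down: %d\n", lock_down_pkg(pkg, getuid(), getgid()));
    unlink(pkg); rmdir(dir);
    return 0;
}
```

In a real privileged helper the trusted account would be root; the demo uses the current user so it runs without elevated rights.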
You can install the 5.11.5 update to Zoom by first opening the app on your Mac and clicking zoom.us (this may be different depending on the country you’re in) in the menu bar at the top of the screen. Then select Check for updates, and if one is available, Zoom will display a window with the latest version of the app, along with details about what’s changing. From here, select Update to start the download.