Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-plugin-hostgator domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home4/scienrds/scienceandnerds/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the ol-scrapes domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home4/scienrds/scienceandnerds/wp-includes/functions.php on line 6114

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893

Warning: Cannot modify header information - headers already sent by (output started at /home4/scienrds/scienceandnerds/wp-includes/functions.php:6114) in /home4/scienrds/scienceandnerds/wp-includes/rest-api/class-wp-rest-server.php on line 1893
{"id":12266,"date":"2022-08-13T14:52:51","date_gmt":"2022-08-13T14:52:51","guid":{"rendered":"https:\/\/scienceandnerds.com\/2022\/08\/13\/the-zoom-installer-let-a-researcher-hack-his-way-to-root-access-on-macos\/"},"modified":"2022-08-13T14:52:52","modified_gmt":"2022-08-13T14:52:52","slug":"the-zoom-installer-let-a-researcher-hack-his-way-to-root-access-on-macos","status":"publish","type":"post","link":"https:\/\/scienceandnerds.com\/2022\/08\/13\/the-zoom-installer-let-a-researcher-hack-his-way-to-root-access-on-macos\/","title":{"rendered":"The Zoom installer let a researcher hack his way to root access on macOS"},"content":{"rendered":"

Source: https:\/\/www.theverge.com\/2022\/8\/12\/23303411\/zoom-defcon-root-access-privilege-escalation-hack-patrick-wardle<\/a>
\n
<\/br><\/code><\/p>\n

\n

A security researcher has found a way that an attacker could leverage the macOS version of Zoom to gain access over the entire operating system.<\/p>\n

Details of the exploit were released in a presentation given by Mac security specialist Patrick Wardle at the Def Con hacking conference in Las Vegas on Friday. Some of the bugs involved have already been fixed by Zoom, but the researcher also presented one unpatched vulnerability that still affects systems now.<\/p>\n

The exploit works by targeting the installer for the Zoom application, which needs to run with special user permissions in order to install or remove the main Zoom application from a computer. Though the installer requires a user to enter their password on first adding the application to the system, Wardle found that an auto-update function then continually ran in the background with superuser privileges.<\/p>\n

\n