{"id":12342,"date":"2022-08-15T14:43:18","date_gmt":"2022-08-15T14:43:18","guid":{"rendered":"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/"},"modified":"2022-08-15T14:43:19","modified_gmt":"2022-08-15T14:43:19","slug":"zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw","status":"publish","type":"post","link":"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/","title":{"rendered":"Zoom\u2019s latest update on Mac includes a fix for a dangerous security flaw"},"content":{"rendered":"

Source: https:\/\/www.theverge.com\/2022\/8\/14\/23305548\/zoom-update-macos-fix-dangerous-security-flaw-hackers<\/a>
\n
<\/br><\/code><\/p>\n

\n

Zoom has issued a patch for a bug on macOS that could allow a hacker to take control of a user\u2019s operating system (via MacRumors<\/em><\/a>). In an update on its security bulletin<\/a>, Zoom acknowledges the issue (CVE-2022-28756) and says a fix is included in version 5.11.5 of the app on Mac, which you can (and should) download now.<\/p>\n

Patrick Wardle, a security researcher and founder of the Objective-See Foundation, a nonprofit that creates open-source macOS security tools, first uncovered the flaw and presented it at the Def Con hacking conference last week. My colleague, Corin Faife, attended the event and reported on Wardle\u2019s findings<\/a>. <\/p>\n

As Corin explains, the exploit targets the Zoom installer, which requires special user permissions to run. By leveraging this tool, Wardle found that hackers could essentially \u201ctrick\u201d Zoom into installing a malicious program by putting Zoom\u2019s cryptographic signature on the package. From here, attackers can then gain further access to a user\u2019s system, letting them modify, delete, or add files on the device.<\/p>\n

\n
\n
\n

Reversing the patch, we see the Zoom installer now invokes lchown to update the permissions of the update .pkg, thus preventing malicious subversions pic.twitter.com\/00xjqKQsXs<\/a><\/p>\n

\u2014 patrick wardle (@patrickwardle) August 14, 2022<\/a>\n<\/p><\/blockquote>\n<\/div>\n<\/div>\n

\u201cMahalos to Zoom for the (incredibly) quick fix!\u201d Wardle said in response<\/a> to Zoom\u2019s update. \u201cReversing the patch, we see the Zoom installer now invokes lchown to update the permissions of the update .pkg, thus preventing malicious subversion.\u201d<\/p>\n

You can install the 5.11.5 update on Zoom by first opening the app on your Mac and hitting zoom.us<\/strong> (this might be different depending on what country you\u2019re in) from the menu bar at the top of your screen. Then, select Check for updates<\/strong>, and if one\u2019s available, Zoom will display a window with the latest app version, along with details about what\u2019s changing. From here, select Update<\/strong> to begin the download.<\/p>\n<\/div>\n


<\/br><\/code><\/p>\n

Source: https:\/\/www.theverge.com\/2022\/8\/14\/23305548\/zoom-update-macos-fix-dangerous-security-flaw-hackers<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Source: Zoom has issued a patch for a bug on macOS that could allow a hacker to take control of a user\u2019s operating system (via MacRumors). In an update on its security bulletin, Zoom acknowledges the issue (CVE-2022-28756) and says a fix is included in version 5.11.5 of the app on Mac, which you can […]<\/p>\n","protected":false},"author":1,"featured_media":12343,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"nf_dc_page":"","om_disable_all_campaigns":false,"pagelayer_contact_templates":[],"_pagelayer_content":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[53,8],"tags":[54],"class_list":["post-12342","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-apps","category-technology","tag-apps"],"yoast_head":"\nZoom\u2019s latest update on Mac includes a fix for a dangerous security flaw - Science and Nerds<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Zoom\u2019s latest update on Mac includes a fix for a dangerous security flaw - Science and Nerds\" \/>\n<meta property=\"og:description\" content=\"Source: Zoom has issued a patch for a bug on macOS that could allow a hacker to take control of a user\u2019s operating system (via MacRumors). In an update on its security bulletin, Zoom acknowledges the issue (CVE-2022-28756) and says a fix is included in version 5.11.5 of the app on Mac, which you can […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/\" \/>\n<meta property=\"og:site_name\" content=\"Science and Nerds\" \/>\n<meta property=\"article:published_time\" content=\"2022-08-15T14:43:18+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-08-15T14:43:19+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/scienceandnerds.com\/wp-content\/uploads\/2022\/08\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw_62fa5b872d211.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/\",\"url\":\"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/\",\"name\":\"Zoom\u2019s latest update on Mac includes a fix for a dangerous security flaw - Science and Nerds\",\"isPartOf\":{\"@id\":\"https:\/\/scienceandnerds.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/i0.wp.com\/scienceandnerds.com\/wp-content\/uploads\/2022\/08\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw_62fa5b872d211.jpeg?fit=1200%2C628&ssl=1\",\"datePublished\":\"2022-08-15T14:43:18+00:00\",\"dateModified\":\"2022-08-15T14:43:19+00:00\",\"author\":{\"@id\":\"https:\/\/scienceandnerds.com\/#\/schema\/person\/ea2991abeb2b9ab04b32790dff28360e\"},\"breadcrumb\":{\"@id\":\"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/#primaryimage\",\"url\":\"https:\/\/i0.wp.com\/scienceandnerds.com\/wp-content\/uploads\/2022\/08\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw_62fa5b872d211.jpeg?fit=1200%2C628&ssl=1\",\"contentUrl\":\"https:\/\/i0.wp.com\/scienceandnerds.com\/wp-content\/uploads\/2022\/08\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw_62fa5b872d211.jpeg?fit=1200%2C628&ssl=1\",\"width\":1200,\"height\":628},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/scienceandnerds.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Zoom\u2019s latest update on Mac includes a fix for a dangerous security flaw\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/scienceandnerds.com\/#website\",\"url\":\"https:\/\/scienceandnerds.com\/\",\"name\":\"Science and Nerds\",\"description\":\"My WordPress Blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/scienceandnerds.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/scienceandnerds.com\/#\/schema\/person\/ea2991abeb2b9ab04b32790dff28360e\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/scienceandnerds.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7e6e14fc6691445ef2b2c0a3a6c43882?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7e6e14fc6691445ef2b2c0a3a6c43882?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/scienceandnerds.com\"],\"url\":\"https:\/\/scienceandnerds.com\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Zoom\u2019s latest update on Mac includes a fix for a dangerous security flaw - Science and Nerds","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/","og_locale":"en_US","og_type":"article","og_title":"Zoom\u2019s latest update on Mac includes a fix for a dangerous security flaw - Science and Nerds","og_description":"Source: Zoom has issued a patch for a bug on macOS that could allow a hacker to take control of a user\u2019s operating system (via MacRumors). In an update on its security bulletin, Zoom acknowledges the issue (CVE-2022-28756) and says a fix is included in version 5.11.5 of the app on Mac, which you can […]","og_url":"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/","og_site_name":"Science and Nerds","article_published_time":"2022-08-15T14:43:18+00:00","article_modified_time":"2022-08-15T14:43:19+00:00","og_image":[{"width":1200,"height":628,"url":"https:\/\/scienceandnerds.com\/wp-content\/uploads\/2022\/08\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw_62fa5b872d211.jpeg","type":"image\/jpeg"}],"author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/","url":"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/","name":"Zoom\u2019s latest update on Mac includes a fix for a dangerous security flaw - Science and Nerds","isPartOf":{"@id":"https:\/\/scienceandnerds.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/#primaryimage"},"image":{"@id":"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/#primaryimage"},"thumbnailUrl":"https:\/\/i0.wp.com\/scienceandnerds.com\/wp-content\/uploads\/2022\/08\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw_62fa5b872d211.jpeg?fit=1200%2C628&ssl=1","datePublished":"2022-08-15T14:43:18+00:00","dateModified":"2022-08-15T14:43:19+00:00","author":{"@id":"https:\/\/scienceandnerds.com\/#\/schema\/person\/ea2991abeb2b9ab04b32790dff28360e"},"breadcrumb":{"@id":"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/#primaryimage","url":"https:\/\/i0.wp.com\/scienceandnerds.com\/wp-content\/uploads\/2022\/08\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw_62fa5b872d211.jpeg?fit=1200%2C628&ssl=1","contentUrl":"https:\/\/i0.wp.com\/scienceandnerds.com\/wp-content\/uploads\/2022\/08\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw_62fa5b872d211.jpeg?fit=1200%2C628&ssl=1","width":1200,"height":628},{"@type":"BreadcrumbList","@id":"https:\/\/scienceandnerds.com\/2022\/08\/15\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/scienceandnerds.com\/"},{"@type":"ListItem","position":2,"name":"Zoom\u2019s latest update on Mac includes a fix for a dangerous security flaw"}]},{"@type":"WebSite","@id":"https:\/\/scienceandnerds.com\/#website","url":"https:\/\/scienceandnerds.com\/","name":"Science and Nerds","description":"My WordPress Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/scienceandnerds.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/scienceandnerds.com\/#\/schema\/person\/ea2991abeb2b9ab04b32790dff28360e","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/scienceandnerds.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/7e6e14fc6691445ef2b2c0a3a6c43882?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7e6e14fc6691445ef2b2c0a3a6c43882?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/scienceandnerds.com"],"url":"https:\/\/scienceandnerds.com\/author\/admin\/"}]}},"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"https:\/\/i0.wp.com\/scienceandnerds.com\/wp-content\/uploads\/2022\/08\/zooms-latest-update-on-mac-includes-a-fix-for-a-dangerous-security-flaw_62fa5b872d211.jpeg?fit=1200%2C628&ssl=1","_links":{"self":[{"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/posts\/12342"}],"collection":[{"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/comments?post=12342"}],"version-history":[{"count":1,"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/posts\/12342\/revisions"}],"predecessor-version":[{"id":12344,"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/posts\/12342\/revisions\/12344"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/media\/12343"}],"wp:attachment":[{"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/media?parent=12342"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/categories?post=12342"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/scienceandnerds.com\/wp-json\/wp\/v2\/tags?post=12342"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}