Cyberthreat: New Zoom bug makes Mac users more vulnerable to hackers –Report

*Expert urges consumers to apply the latest security update before their next videoconference meeting

Isola Moses | ConsumerConnect

Zoom rapidly gained popularity during the COVID-19 pandemic as more consumers shifted to remote work worldwide.

However, consumers have faced several security and privacy issues over the years in connection to the service, according to report.

It was learnt a researcher says a new bug is putting Mac users at risk.

Patrick Wardle, Founder of the non-profit organisation ‘Objective-See’, stated at a recent DefCon event that a flaw in Zoom’s automatic update tool could allow hackers to infiltrate Mac computers.

He explained that when this tool runs an update, it looks for a signing certificate –or a unique digital verification code –that matches Zoom.

Since automatic updates do not require a password to be installed, Wardle says hackers could create packages that mimic Zoom’s signing certificate to install malicious files or programmes onto users’ Macs.

This, the expert stated, could allow them to completely take over the device to delete files, steal passwords, or alter documents.

Get the latest version of Zoom

Wardle initially told Zoom about his findings December 2021, which prompted the company to create a fix for the issue. Unfortunately, that fix reportedly included a bug that still allowed the automatic updater vulnerability to be effective.

Following Wardle’s DefCon presentation, Zoom issued a new patch under update 5.11.5 (9788). Mac users should download this update immediately to protect themselves from hackers.

Kindly Share This Story