The flaw can let the bad actor take over your Mac.
Update Your Zoom App Now
Are you using Zoom on Mac? If you are, then make sure that you update the app now. This video conferencing software has just released an update to fix the vulnerability that could allow a malicious program to control your system.
Zoom recently acknowledged the issue and promised to fix it. You can download the patch now.
The flaw was first discovered by Patrick Wardle. He’s a security researcher at the Objective-See Foundation. It’s a nonprofit organization that creates open-source security tools for macOS. He presented the flaw at the Def Con hacking conference.
The exploit targeted the Zoom installer. To run it, though, it needs special user permission. But hackers put Zoom’s cryptographic signature on the package so that Zoom could install a malicious program. Once installed, the hackers can gain access to a user’s system. They can also modify, delete or add files to their computer.
The Quick Fix
Wardle praised Zoom for quickly fixing the issue. In a tweet, he said that “the Zoom installer now invokes lchown to update the permissions of the update .pkg, thus preventing malicious subversions.”
When it comes to security, Zoom has a checkered past. It had problems with unauthorized access. It also lacked encryption. Some meetings had been invaded by unauthorized users. Thankfully, the company has fixed the problems through the latest update.
How to Manually Update the App?
Although Zoom can automatically update itself when you launch it, the app may not install the latest version. It happened to some users. To know what version you are using, you should open the app and click About Zoom. The version must be 5.11.5 (9788). If you don’t have the latest version, you can just update it manually.
To do it, go to zoom.us and click the Check for Updates option. Then, click the Install button. You can read the release notes to know more about the latest version. Depending on your Internet connection, the update can take a few minutes. After the update is done, the app will relaunch. You should see an alert stating that you are using the latest version.
Is It Safe to Use Now?
As long as you are running the latest version, it is safe to use this app. Although it has security issues, it is not the only video conferencing app with some flaws.
Google Meet, Microsoft Teams, and other apps received disapproval from security experts because of their privacy concerns. But Zoom has been involved in various lawsuits in the past.
It still boils down to what you use the platform for. If you are just chatting or video conferencing with your friends about some insignificant matters, then it is perfectly safe.
However, you should never use it to talk about confidential information or patient information. Treat this app like other apps. That is, you must not use the same password twice. If it suffers a breach, the password could be used by hackers to access your other accounts.