Zoom installer flaw can give attackers root access to Mac: Report



A security researcher has found a way that an attacker could leverage the macOS version of to gain access over the entire operating system.


According to The Verge, details of the exploit were released in a presentation by Mac security specialist Patrick Wardle at the Def Con hacking conference in Las Vegas this week.


has already fixed some of the bugs involved, but the researcher also presented one unpatched vulnerability that still affects systems now.


The exploit works by targeting the installer for the application, which needs to run with special user permissions to install or remove the main Zoom application from a computer.


Though the installer requires a user to enter their password on first adding the application to the system, Wardle found that an auto-update function then continually ran in the background with superuser privileges.


When Zoom issued an update, the updater function would install the new package after checking that it had been cryptographically signed by Zoom.


But a bug in how the checking method was implemented meant that giving the updater any file with the same name as Zoom’s signing certificate would be enough to pass the test — so an attacker could substitute any malware program and have it be run by the updater with elevated privilege, the report said.


The result is a privilege escalation attack, which assumes an attacker has already gained initial access to the target system and then employs an exploit to gain a higher level of access.


In this case, the attacker begins with a restricted user account but escalates into the most powerful user type — known as a “superuser” or “root” — allowing them to add, remove, or modify any files on the machine.


–IANS


vc/ksk/

(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

Dear Reader,

Business Standard has always strived hard to provide up-to-date information and commentary on developments that are of interest to you and have wider political and economic implications for the country and the world. Your encouragement and constant feedback on how to improve our offering have only made our resolve and commitment to these ideals stronger. Even during these difficult times arising out of Covid-19, we continue to remain committed to keeping you informed and updated with credible news, authoritative views and incisive commentary on topical issues of relevance.

We, however, have a request.

As we battle the economic impact of the pandemic, we need your support even more, so that we can continue to offer you more quality content. Our subscription model has seen an encouraging response from many of you, who have subscribed to our online content. More subscription to our online content can only help us achieve the goals of offering you even better and more relevant content. We believe in free, fair and credible journalism. Your support through more subscriptions can help us practise the journalism to which we are committed.

Support quality journalism and subscribe to Business Standard.

Digital Editor





Supply hyperlink

Leave a Comment

%d bloggers like this: