Wardle decided to go public with his findings at Def Con. He informed Zoom of this second bug, and more importantly, of the first bug not being fixed. Wardle said Zoom didn’t take him seriously and released a patch after a month, which contained another security bug. This devious scam app proves that Macs aren’t bulletproofįrustratingly, Wardle had discovered the security threat back in December and had informed Zoom of his findings. Microsoft’s Bing Chat: how to join the waitlist now At this level, the MacBook recognizes the hacker as a “superuser” who can then read, change or create any file, including adding other malware to the system. The Zoom package installer used a weak security certificate test and any file with the same name as the official Zoom package could easily bypass the test. The exploit allowed a threat actor to take control of someone’s Mac through the Zoom app, right down to the root level of the machine. The founder of the security non-profit Objective-See and an ex-NSA security analyst, Patrick Wardle, took to the stage on Friday and presented a stunning find: a massive security vulnerability in the Zoom installer for MacBooks. Zoom spent the weekend patching a major security flaw in its Mac app, and the update is available right now.Īccording to The Verge, it all began at Def Con, a computer security and hacker conference in Las Vegas. If you have Zoom installed on your MacBook, you’ll want to update the app right now.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |