Zoom’s latest update on Mac includes a fix for a dangerous security flaw
by Emma Roth from The Verge - All Posts on (#62GJP)
Illustration by Alex Castro / The Verge
Zoom has issued a patch for a bug on macOS that could allow a hacker to take control of a user's operating system (via MacRumors). In an update on its security bulletin, Zoom acknowledges the issue (CVE-2022-28756) and says a fix is included in version 5.11.5 of the app on Mac, which you can (and should) download now.
Patrick Wardle, a security researcher and founder of the Objective-See Foundation, a nonprofit that creates open-source macOS security tools, first uncovered the flaw and presented it at the Def Con hacking conference last week. My colleague, Corin Faife, attended the event and reported on Wardle's findings.
As Corin explains, the exploit targets the Zoom installer, which requires special user permissions to run. By...