Science and Tech

Zoom for Mac fixes a vulnerability in the auto-update feature

Zoom for Mac fixes a vulnerability in the auto-update feature

16 Aug. (Portaltic/EP) –

zoom has urged users of the client for mac to download the new version to correct a vulnerability present in the automatic update function that allows attackers access and control of the system.

The technology company has reported a high severity vulnerabilityidentified as CVE-2022-28756, present in the automatic update functionactivated by default, the exploitation of which would allow escalation of root privileges.

Patrick Wardle, founder of the Objective-See Foundation, warned last week of the vulnerability in A chat at the Defcon cybersecurity conference. Among other actions, an attacker could install an older version of the Zoom client or enable ‘exploits’.


This vulnerability is present in both the Mac client from version 5.7.3 as in versions prior to 5.11.5as indicated by Zoom in its security bulletin. The company has already released a new version that users will have to install manually.



Source link