The bug might allow a hacker to take control of your system.
Zoom has released a fix for a macOS problem that might allow a hacker to take control of a user’s operating system (via MacRumors). Zoom admits the issue (CVE-2022-28756) in an update to its security notice and says a solution is available in version 5. 11. 5 of the Mac programme, which you can (and should) download now.
Wardle (security researcher and creator of the Objective-See Foundation) discovered that by using Zoom’s cryptographic signature on the package, hackers could “fool” Zoom into downloading malicious software. To install the 5. 11. 5 updates on Zoom, first launch the programme on your Mac and select zoom.
As described by the reporter, the attack targets the Zoom installer, which requires specific user rights.
“Mahalos to Zoom for the (incredibly) quick fix!” Wardle responded to Zoom’s update.
Then, choose to Check for updates, and if one is available, Zoom will display a window with the most recent programme version and information about what’s changed.
To begin the download, pick Update from this menu.
Even if most people are not in immediate danger, Zoom recommends users to “stay up to date with the current version” of the programme whenever one is released.