I need to update Zoom on my Mac now

After spending all day video conferencing, you might think Zoom has completely taken over your Mac. A critical security vulnerability, however, allows hackers to do just that. . Get rid of headaches and update Zoom now.

What’s going on with Zoom for Mac?

The Verge reports On Friday, August 12th, we discovered a critical flaw in the auto-update feature of Zoom for Mac that puts all users at risk. Security His specialist Patrick Wardle discovered a vulnerability in the Zoom installer.

After users authenticate themselves to the Zoom installer, the auto-update feature continues to work in the background. The installer will install all updates as long as they are cryptographically signed by Zoom. However, the installer cannot tell the difference between legitimate updates and malware. name software is correct. This allows the malicious user to trick the installer into automatically installing bogus software with the correct name on the target’s girlfriend’s Mac, giving the hacker root access to the machine and conducting a so-called privilege escalation attack. can do.

Simply put, a malicious person can exploit this vulnerability to take complete control of your Mac. To make matters worse, the vulnerability existed for the entirety of 2022. Wardle notified Zoom of this issue in December 2021. The company issued an update to patch the issue, but hackers inadvertently introduced a new way to exploit the same vulnerability. Vulnerability. Luckily, we finally have a patch that completely blocks this kind of hack.

Zoom has issued a security bulletin On Saturday, August 13th, we will provide more details about the vulnerability and its patch. Identified as CVE-2022-28756 with a severity of “High”, this patch officially fixes this privilege escalation issue in Zoom versions 5.7.3 and above and prior to 5.11.5.

How to update Zoom for Mac

To check for new Zoom updates, open the client on your Mac, sign in, select your profile icon, Then click Check for Updates. If there is a new update available, the Zoom client will download it and install it on your Mac.

That said, if you have automatic updates enabled, your Zoom client may already be patched.To check, please go to Go to Zoom settings, select General, then click Keep Zoom up to date automatically. Once you authenticate yourself, Zoom will automatically check for updates in the background. You can also choose whether or not to receive these updates. This can be “slow”, which waits to install updates until they are stable, or “fast”, which installs each new update immediately. Zoom makes it clear that critical updates such as this patch will be installed immediately regardless of the settings you choose here.

[MacRumors]