![]() To exploit the vulnerability, however, the attacker needed to have already had physical access to the computer, albeit without special rights. These bugs, in theory, made it possible to obtain so-called super-user rights, which allowed a would-be attacker to do whatever they want on the host computer. Long story short, a few of bugs were found in the automatic update system for am Apple Zoom client. The new problem in the Zoom videoconferencing client was highlighted by renowned researcher Patrick Wardle at DEF CON 30 in early August of this year. It ends with advice regarding what to do about it. This post examines this latest security issue, and seeks to explain why holes in software sometimes crop up repeatedly in the same place. Fast-forward to August 2022, and a similar hole has been found (in terms of both location and exploitation consequences). In March 2020, as the whole world was just getting to grips with working remotely, a vulnerability was discovered in the installer of Zoom - one of the world’s prime remote communication tools - allowing arbitrary code execution on Apple computers.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |