Security Expert Reveals Two Big Security Flaws in Zoom

Mac users, take note

Zoom logo
The Zoom Video Communications Inc. logo on a laptop computer.
Tiffany Hagler-Geard/Bloomberg via Getty Images

Whether it’s for work or recreation, Zoom has become a much bigger part of our lives since the beginning of 2020. And with remote work continuing to be a presence in many people’s lives, that seems unlikely to change in the short term. But as with any application that people depend on, there are security questions to be mindful of when using Zoom — and one cybersecurity researcher recently raised two significant ones.

At this year’s DEF CON, a hacker conference held in Las Vegas, cybersecurity expert Patrick Wardle revealed a pair of security issues with Zoom that could have significant consequences for people with Zoom installed on their Mac.

As Engadget reports, Warldle pointed out that the security check Zoom uses could be exploited in such a way that a hacker would have access to the root directory of a Mac. Wardle told Zoom about the issue, but apparently Zoom’s method of fixing it created another vulnerability — one which could cause an older and less secure version of Zoom to be installed instead of the most recent version.

Thankfully, Zoom is aware of these issues. The company told The Verge that they are at work now on a patch that will resolve them.

UPDATE: Zoom has provided more details on the aforementioned patch. “The newly reported vulnerability for the macOS auto updater has been fixed in the Zoom Client for Meetings for macOS version 5.11.5,” said a spokesperson for the company.

The InsideHook Newsletter.

News, advice and insights for the most interesting person in the room.