Monday, January 30, 2023
TheGreatNews.com

The Zoom installer let a researcher hack his way to root access on macOS


A security researcher has found a way that an attacker could leverage the macOS version of Zoom to gain access to the entire operating system.

Details of the exploit were released in a presentation given by Mac security specialist Patrick Wardle at the Def Con hacking conference in Las Vegas on Friday. Some of the bugs involved have already been fixed by Zoom, but the researcher also presented one unpatched vulnerability that still affects systems now.

The exploit works by targeting the installer for the Zoom application, which needs to run with special user permissions in order to install or remove the main Zoom application from a computer. Though the installer requires a user to enter their password on first adding the application to the system, Wardle found that an auto-update function then continually ran in the background with superuser privileges.

A privilege escalation attack

When Zoom issued an update, the updater function would install the new package after checking that it had been cryptographically signed by Zoom. But a bug in how the checking method was implemented meant that giving the updater any file with the same name as Zoom’s signing certificate would be enough to pass the test — so an attacker could substitute any kind of malware program and have it be run by the updater with elevated privilege.

The result is a privilege escalation attack, which assumes an attacker has already gained initial access to the target system and then employs an exploit to gain a higher level of access. In this case, the attacker begins with a restricted user account but escalates into the most powerful user type — known as a “superuser” or “root” — allowing them to add, remove, or modify any files on the machine.

Wardle is the founder of the Objective-See Foundation, a nonprofit that creates open-source security tools for macOS. Previously, at the Black Hat cybersecurity conference held in the same week as Def Con, Wardle detailed the unauthorized use of algorithms lifted from his open-source security software by for-profit companies.

“It was really frustrating to wait … six, seven, eight months”

Following responsible disclosure protocols, Wardle informed Zoom about the vulnerability in December of last year. To his frustration, he says an initial fix from Zoom contained another bug that meant the vulnerability was still exploitable in a slightly more roundabout way, so he disclosed this second bug to Zoom and waited eight months before publishing the research.

“To me that was kind of problematic because not only did I report the bugs to Zoom, I also reported mistakes and how to fix the code,” Wardle told The Verge in a call before the talk. “So it was really frustrating to wait, what, six, seven, eight months, knowing that all Mac versions of Zoom were sitting on users’ computers vulnerable.”

A few weeks before the Def Con event, Wardle says Zoom issued a patch that fixed the bugs that he had initially discovered. But on closer analysis, another small error meant the bug was still exploitable.

In the new version of the update installer, a package to be installed is first moved to a directory owned by the “root” user. Generally this means that no user that does not have root permission is able to add, remove, or modify files in this directory. But because of a subtlety of Unix systems (of which macOS is one), when an existing file is moved from another location into the root-owned directory, it retains the same read-write permissions it previously had. So, in this case, it can still be modified by a regular user. And because it can be modified, a malicious user can still swap the contents of that file with a file of their own choosing and use it to become root.
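The move-versus-copy subtlety described above, as an added example that is not code from Zoom, Wardle or the original article: a rename keeps the file's inode, owner and mode, while a copy into a file the installer creates itself does not inherit them. The function names, file names and the use of the current uid in place of root are assumptions made for the illustration.

```python
import os
import shutil
import stat
import tempfile

def install_candidate_problems(path, trusted_uid):
    """List reasons a privileged installer should not trust the file at path."""
    st = os.lstat(path)
    problems = []
    if not stat.S_ISREG(st.st_mode):
        problems.append("not a regular file")
    if st.st_uid != trusted_uid:
        problems.append("owner is not the trusted uid")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        problems.append("writable by group or other")
    return problems

def stage_by_copy(src, dst):
    """Copy src into a file this process creates itself: new inode, mode 0600."""
    with os.fdopen(os.open(src, os.O_RDONLY | os.O_NOFOLLOW), "rb") as fin:
        out_fd = os.open(dst, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(out_fd, "wb") as fout:
            os.fchmod(out_fd, 0o600)  # do not depend on the umask
            shutil.copyfileobj(fin, fout)
    return dst

def demo():
    """Constructed scenario; the current uid stands in for the privileged updater."""
    me = os.geteuid()
    with tempfile.TemporaryDirectory() as tmp:
        drop = os.path.join(tmp, "drop")
        staging = os.path.join(tmp, "staging")
        os.mkdir(drop)
        os.mkdir(staging, 0o755)
        pkg = os.path.join(drop, "update.pkg")  # constructed sample file
        with open(pkg, "wb") as f:
            f.write(b"constructed package bytes")
        os.chmod(pkg, 0o666)  # permissions a regular user could have set
        before = os.stat(pkg)
        moved = os.path.join(staging, "moved.pkg")
        os.rename(pkg, moved)  # a move keeps inode, owner and mode
        after = os.stat(moved)
        copied = stage_by_copy(moved, os.path.join(staging, "copied.pkg"))
        return {
            "move_preserved": (before.st_ino, before.st_mode, before.st_uid)
                              == (after.st_ino, after.st_mode, after.st_uid),
            "moved": install_candidate_problems(moved, me),
            "copied": install_candidate_problems(copied, me),
        }
```

Any signature verification belongs on the staged copy, after the copy is complete, so that the bytes checked are the bytes installed.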

While this bug is currently live in Zoom, Wardle says it’s very easy to fix and that he hopes that talking about it publicly will “grease the wheels” to have the company take care of it sooner rather than later.

Zoom had not responded to a request for comment at time of publication.

© 2021 - TheGreatNews.com - All rights reserved!
