Zoom introduced auto update feature could exploit vulnerability in Mac OS
The alert has been issued for vulnerabilities in Apple’s operating systems including iPad OS and iOS
that can be exploited by remote attackers to execute arbitrary codes on targeted systems.
Zoom, a video-calling app, in its security bulletin acknowledged that the vulnerabilities in Apple’s software
its auto update process could be exploited by attackers to escalate their privileges to root files in Mac OS.
In Apple’s kernel process, the vulnerability, according to information on its website, can allow an application to execute arbitrary code with kernel privileges.
Apple is aware of a report that this issue may have been actively exploited”, the company stated in its website.
The vulnerability, discovered by Patrick Wardle of the Objective-See Foundation, involves Zoom’s automatic updater, which works as a root user and doesn’t require a user password.
When the updater runs, it checks to see if the software updates are signed by Zoom
But Wardle discovered that it was only checking if the file has the same name as the signing certificate.