Researcher: Vulnerabilities in Zoom Mac app give attacker access to mic and camera
Two vulnerabilities in Zoom's macOS app allow an attacker to gain access to the camera and microphone, a security researcher writes. Zoom has not yet commented on the new vulnerabilities.
The first vulnerability is in the Zoom app installer, researcher Patrick Wardle writes on Objective-See. The installer uses a deprecated API called 'AuthorizationExecuteWithPrivileges', which malicious software can use to run itself as root.
It is then possible to piggyback on the permission the user has granted Zoom to use the camera and microphone for video calls. The software allows other code to be executed in its own process, and that code then also has access to audio from the microphone and images from the camera. That access only applies while Zoom is running, but malicious software could start Zoom in the background and record audio and video at arbitrary times.
It is unknown whether these vulnerabilities have been exploited. The researcher has had no contact with Zoom. The Mac version of Zoom is not the only one with vulnerabilities: the Windows version also contains various vulnerabilities that can be exploited.
Zoom has not yet commented on the disclosure of the vulnerabilities. As a result, it is unclear whether and when the company will fix them. Because of all the commotion surrounding the app, the New York State Attorney General has launched an exploratory investigation into the company's privacy and security protocols.