Zoom's most recent Mac update includes a patch for a potentially serious security issue.
Zoom has released a patch for a macOS problem that might allow a hacker to take control of a user's operating system (via MacRumors). Zoom admits the issue (CVE-2022-28756) in an update to its security notice and says a remedy is available in version 5.11.5 of the Mac app, which you can (and should) download now.
Patrick Wardle, a security researcher and the creator of the Objective-See Foundation, a nonprofit that develops open-source macOS security solutions, discovered the issue and presented it last week at the Def Con hacking conference.
According to a post by Corin Faife in the Verge, the attack targets the Zoom installer, which requires special user permissions to function. Using this tool, Wardle discovered that hackers could "fool" Zoom into installing a malicious software by including Zoom's cryptographic signature in the package. Attackers can then get additional access to a user's system, allowing them to change, delete, or add data on the device.
“Mahalos to Zoom for the (incredibly) quick fix!” In reaction to Zoom's announcement, Patrick Wardle stated. “Reversing the patch, we see the Zoom installer now invokes lchown to update the permissions of the update . pkg, thus preventing malicious subversion.”
You may install the Zoom 5.11.5 update by first opening the programme on your Mac and selecting zoom.us (this may differ depending on your location) from the menu bar at the top of your screen. Then, choose Check for updates, and if one is available, Zoom will display a window with the most recent programme version, as well as information about what's changed. To begin the download, pick Update from this menu.
All users now have access to Twitter Circle, a tool that enables you to tweet just to a specific group of people. Before a wider release, the platform initially began testing the feature in May among "chosen people."
Following the success of Cambridge University's experiment, Google intends to broadcast adverts that educate consumers about misinformation strategies.