There is a bug in the operating system that could allow a hacker to take control. You can get a fix for the issue in the latest version of the app on Mac, which you can download now.
Patrick Wardle, a security researcher and founder of the Objective- See Foundation, a nonprofit that creates open-source macOS security tools, discovered the flaw and presented it at the DefCon hacking conference last week. Corin reported on Wardle's findings after attending the event.
Special user permission is required to run the exploit. By using this tool, Wardle was able to find a way to trick zoom into installing a malicious program. Attackers can gain further access to a user's system by modifying, deletion, or adding files to the device.
Reversing the patch, we see the Zoom installer now invokes lchown to update the permissions of the update .pkg, thus preventing malicious subversions pic.twitter.com/00xjqKQsXs
— patrick wardle (@patrickwardle) August 14, 2022
There is a quick fix, and Mahalos needs to zoom for it. Wardle was responding to the update. The update.pkg is now being updated by lchown, which prevents malicious subversion.
If you open the app on your Mac, you can hit zoom.us from the menu bar at the top of your screen to download the update. If you check for updates, you will see a window with the latest version of the app. Select Update to start the download.