Zoom auto update9/1/2023 ![]() Zoom’s patch was… □… incomplete, I managed to bypass it □ Mahalos to for the (incredibly) quick fix! Īmusingly, if that is the right word, the patch to patch the incomplete patch was itself quickly found to be incomplete by researcher Csaba Fitzl, and the patch for the incomplete fix (5.11.5) was quickly superseded by a patch for the patch for the incomplete fix (5.11.6): Zoom immediately worked on a patch for the flaw, which was announced the next day in Zoom security bulletin ZSB-22018, earning a congratulatory reply from Wardle in the process: In the tweet, which followed his talk, Wardle noted:Ĭurrently there is no patch Slides with full details & PoC exploit: #0day /9dW7DdUm7P Was stoked to talk about (& live-demo □) a local priv-esc vulnerability in Zoom (for macOS). Mahalo to everybody who came to my talk "You're M̶u̶t̶e̶d̶ Rooted" □□ Google Project Zero's Natalie Silvanovich reported the bug.At the well-known DEF CON security shindig in Las Vegas, Nevada, last week, Mac cybersecurity researcher Patrick Wardle revealed a “get-root” elevation of privilege (EoP) bug in Zoom for Mac: One example of a security update: Zoom recently patched a flaw that affects Zoom for Windows, iOS, Android, Chrome OS, and Linux, as well as Zoom's conferencing software and its Meeting SDK. The automatically applied patches will also help Zoom better react to discovered security flaws. It also includes new analytics for KPIs, such as missed call rates and average call time, and verification icons for incoming calls that comply with the STIR/SHAKEN standard. ![]()
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |