Weakness in Zoom for macOS allows local attackers to hijack camera and microphone

The Zoom video conferencing client for macOS does not take full advantage of the application hardening features the operating system offers, which could allow local malware to elevate its privileges or access the camera and microphone without the user’s knowledge. The issues, which stem from insecure use of system APIs, were revealed Wednesday by security researcher Patrick Wardle on his blog. Wardle has a long history of macOS security research, which includes finding vulnerabilities, analyzing malware and writing security tools for Apple’s platform.

Exploiting the two flaws requires attackers to already have local code execution access on the machine, but this does not mean they’re not serious issues, since local code execution with limited user privileges can be achieved in a variety of ways. Furthermore, Wardle believes the problems could have been easily avoided by Zoom because the attack techniques have been documented by himself and other researchers in the past in blog posts and at security conferences.

To read this article in full, please click here

Story added 2. April 2020, content source with full text you can find at link above.

Weakness in Zoom for macOS allows local attackers to hijack camera and microphone

More antivirus and malware news?

Ads

Security news

Malware

Security

IT security

About site

Search Terms Tips

Recent New Tips

Recent Posts