Zoom Auto Update Feature Brings Security Risks to Apple Mac Users, Expert Says

Zoom auto-update feature on Apple macOS brings security risks and vulnerabilities, a cybersecurity researcher recently revealed.

Zoom Auto Update Feature Brings Security Risks to Apple Mac Users, Cybersecurity Researcher Says
ALBUQUERQUE, NEW MEXICO - AUGUST 17: Bottles of hand sanitizer sit next to a laptop showing a Zoom meeting as students begin classes amid the coronavirus (COVID-19) pandemic on the first day of the fall 2020 semester at the University of New Mexico on August 17, 2020 in Albuquerque, New Mexico. Sam Wasson/Getty Images

Back in 2021, Zoom introduced an auto-update feature for its desktop apps for Windows PC and Apple Mac users, keeping them up-to-date with the latest offerings of the video conferencing service.

But it turns out that seemingly harmless auto-update functionality brings doom to Mac users.

Zoom Auto Update Feature Security Risks for Apple Mac Users

The COVID-19 pandemic, which forced mortals across the globe to take meetings virtually, triggered the surprising rise of Zoom.

And as such, millions of people have installed the Zoom app on their PCs and MacBooks to keep up with never-ending video meetings.

However, it appears that the Zoom desktop client, specifically its automatic update function, might not be as safe as it looks, at least for Mac users.

As per the latest report by Wired, a cybersecurity expert revealed that the auto-update feature of Zoom brought some security risks along with it on Apple Mac machines.

The longtime security researcher for Macs, Patrick Wardle, revealed during the DefCon security conference in Las Vegas that he discovered the function exposed Mac users to vulnerabilities.

Wardle says that the security risks from Zoom allowed cyber attackers to take full control of the Macs of its targets.

The Mac security researcher told Wired that he got curious about how Zoom is pushing its automatic updates to its desktop users.

He says that "it seemed on the first pass that they were doing things securely, they had the right ideas."

However, upon further scrutiny, he found some flaws in the code of the video meeting platform.

Wardle went on to add that "the quality of the code was more suspect, and it appeared that no one was auditing it deeply enough."

It is worth noting that Zoom has already fixed the previous security risks that come with its auto-update feature.

But despite that, the Mac security expert says that the video conferencing platform has yet to patch his newly discovered security vulnerability. He also noted that he has not yet informed Zoom about it.

How Zoom Auto Updates Work

According to the news story by PC Mag, Zoom introduced auto-updates to its desktop clients for macOS and Windows late last year.

Zoom Auto Update Feature Brings Security Risks to Apple Mac Users, Cybersecurity Researcher Says
In this photo illustration a Zoom App logo is displayed on a smartphone on March 30, 2020 in Arlington, Virginia. OLIVIER DOULIERY / Getty Images

To be more precise, the service rolled out the new feature last Nov. 29 to all of its desktop users.

Zoom says it should bring security fixes immediately, along with refinements in the overall experience.

Wardle reveals that Zoom uses a standard macOS helper tool to install fresh updates instantly. But he discovered that the signature check of the service accepted virtually anything, allowing attackers to fool the system.

© 2024 iTech Post All rights reserved. Do not reproduce without permission.

Tags Apple Mac

More from iTechPost

Real Time Analytics