News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Zoom Zero-Day bug to take over Mac

    Posted on Alex5723 Comment on the AskWoody Lounge

    Home Forums AskWoody support Non-Windows operating systems macOS Zoom Zero-Day bug to take over Mac

    • This topic has 4 replies, 5 voices, and was last updated 3 months ago.
    Viewing 3 reply threads
    • Author
      Posts
      • #2213435 Reply
        Alex5723
        AskWoody Plus

        Zoom’s troubled year just got worse.

        Now that a large portion of the world is working from home to ride out the coronavirus pandemic, Zoom’s popularity has rocketed, but also has led to an increased focus on the company’s security practices and privacy promises. Hot on the heels of two security researchers finding a Zoom bug that can be abused to steal Windows passwords, another security researcher found two new bugs that can be used to take over a Zoom user’s Mac, including tapping into the webcam and microphone…

        https://techcrunch.com/2020/04/01/zoom-doom/

        • This topic was modified 3 months ago by Alex5723.
        2 users thanked author for this post.
      • #2213441 Reply
        OscarCP
        AskWoody Plus

        This is a very serious problem. How many who are working from home by telecommuting, are aware of the dangers of having their moves and words, voiced or written, monitored? Both the work messages they email and receive or read or write directly on computers at their offices where they log in remotely?

        t is not just some companies, or even independent users, that are at risk of having their valuable beans spilled into unfriendly hands: private business and government contractors’ work information being left open to spying or worse, is a national security issue to which attention must be paid.

        It is not just a particular application for teleconferencing being hacked by industrious free-lance criminals: whole government organizations around the world are using military-grade cybertools to hack and spy on the governments and the business of other countries. Particularly on businesses where they might get valuable information either for use in their own countries to gain a competitive advantage or to disrupt businesses in others.

        How many organizations allowing telecommuting, and the telecommuters themselves, are aware of this and taking measures to protect themselves and their work?

        How many have IT security experts in house or as external contractors, to guide them in the adoption of such measures?

        I am inclined to think that this “Zoom” alert is just a symptom of a deep and dangerous problem and that governments have to intervene in this situation, a.s.a.p. For example, by providing video tutorials on IT security that should be obligatory to complete and pass, in order to be allowed to telecommute, as I already have to do, yearly, to be able to connect to one of NASA Centers’ network to take care of my government-related email and work remotely on computers there. The government should also make it mandatory the use of FTPS, VPN plus other transmission contents protective measures. And keep everything updated as often necessary, as the criminals continue to escalate their side of the by now endless technological warfare.

        It is not just some companies, or even independent users, that are at risk of having their valuable beans spilled into unfriendly hands: private business and government contractors’ work information being left open to spying or worse, is a national security issue to which attention must be paid.

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

        • This reply was modified 3 months ago by OscarCP.
        2 users thanked author for this post.
      • #2213488 Reply
        DrBonzo
        AskWoody Plus

        It does seem that an attacker needs physical access to a MAC in order to inflict harm. It also seems that Apple discreetly used something called the Malware Removal Tool (MRT) to remove some portion of the Zoom software from affected machines. At least that’s my interpretation of the techcrunch link above and another link contained therein.

        • #2213510 Reply
          b
          AskWoody Plus

          It also seems that Apple discreetly used something called the Malware Removal Tool (MRT) to remove some portion of the Zoom software from affected machines.

          That was for a previous Zoom SNAFU nearly a year ago, not the current issues.

          1 user thanked author for this post.
      • #2213585 Reply
        Nathan Parker
        AskWoody_MVP

        And my school requires Zoom on all my Macs for my PhD seminars. Lovely…

        Nathan Parker

    Viewing 3 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Zoom Zero-Day bug to take over Mac

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Cancel