One of the security issues within the Zoom app could allow attackers to gain root access of a Mac machine.
- Zoom seems to have UNC injection flaw on Windows
- Security researchers have also found issues with its macOS version
- Zoom, however, is yet to patch the flaws
Zoom meetings are happening all across the globe as a large number of people are currently working from home due to the coronavirus outbreak. The remote culture has indeed resulted in popularity for the video conferencing platform that was earlier trying to compete against Google’s Hangouts Meet and Microsoft’s Skype. However, its overnight popularity has also brought it into the limelight for security researchers who’ve started finding its alleged underlying vulnerabilities. Two such researchers claim to have found a security loophole that can give attackers access to Windows passwords. Another security researcher has noticed two flaws that can be used to silently gain access to a user’s Mac and tap into its webcam and microphone.
The first serious flaw claimed to have been discovered in the Zoom app by a security researcher who goes by pseudonym g0dmode is about UNC paths. The Windows client is found to convert networking UNC paths into a clickable link in the chat message. This can be utilised by any attackers to capture Windows passwords, as noticed by security researcher Matthew Hickey, who operates Twitter account @HackerFantastic.
In addition to the UNC injection flaw, the Zoom app is said to have two distinct security loopholes that could allow attackers to gain root access and take over a user’s Mac system.
Former NSA hacker and principal security researcher at Jamf Patrick Wardle has spotted the bugs that exist within the macOS version of the Zoom app. Both bugs are said to be initiated by a local attacker, someone who has physical control of the system, as noted by TechCrunch.
The attacker can gain access to the computer once exploited and install malware or spyware, without letting users know about the backdoor entry. The issue that allows unwanted access is due to the installer that can easily be injected with malicious code and used to obtain root-level user privileges.
Security researcher Felix Seele also highlighted the allegedly vulnerable macOS installer of the Zoom app in a tweet posted on Wednesday. “Turns out they (ab)use preinstallation scripts, manually unpack the app using a bundled 7zip and install it to /Applications if the current user is in the admin group (no root needed),” he tweeted.
Aside from the unsafe installer, Wardle claims to have been able to find another security bug in the macOS variant of the Zoom app that can allow an attacker to inject malicious code to access the webcam and microphone of the system. The researcher was able to trick the client using his proof-of-concept.
“No additional prompts will be displayed, and the injected code was able to arbitrarily record audio and video,” Wardle wrote in a blog post while elaborating the security flaw.
Zoom hasn’t yet fixed any of the reported flaws. However, Gadgets 360 has reached out to the company to understand its take on the fresh vulnerabilities that could impact several users worldwide — given the growing adoption of the app due to the coronavirus outbreak.
It is important to note that apart from the four new security issues that have been discovered by the security researchers, Zoom was recently in the news for its misleading end-to-end encryption claim. The app was also found to have a flaw that exposes emails and photos of users. Furthermore, it is also under scrutiny in the US after users complained about being startled by porn during virtual meetings.