A paid Zoom One subscription or add-on license is required to use certain product features. Any free or paid license can be used with the mobile app Multi-task on your iPhone with Picture and Picture or iPad with Split View Use the mobile app to start a Zoom Rooms meeting and share content Move a call or meeting between devices with a single click without interruption Stay focused on the road with Apple CarPlay supportĬustomize Siri Shortcuts for hands-free voice commands
Share and annotate content during meetingsīrainstorm on virtual whiteboards, share them in chat, and access them later Schedule a video meeting and join with a single clickĬhats and channels for messaging, file sharing, and more Place and accept calls or send SMS text messages In April 2020, when pandemic remote working led to a 500% increase in daily traffic to the Zoom download page, some critics said the company’s software was “a privacy disaster” and even malware.Work from anywhere with a single app that combines team chat, phone, whiteboard, meetings, and more.
It is not the first time Zoom’s focus on frictionless use has led to a security hole.
Normally, the company tries to ensure that is safe by limiting the installer to only operate on code that has been cryptographically signed by Zoom, but the bug discovered by Wardle means that an attacker could trivially bypass that protection and convince the installer to load and run any malware they want.
In order to make the user journey simpler, the installer continues to run in the background from the moment a user first installs zoom, and does so with “superuser” privileges, allowing it to change anything about the computer. It targets the Zoom installer, which the company uses to enable frictionless automatic updates. Discovered by an independent security researcher, Patrick Wardle – whose brother Jeremy invented the popular game Wordle – the vulnerability was first presented at the Def Con hacking conference in Las Vegas last week.
0 kommentar(er)
