Skip to main content
  1. Home
  2. Computing
  3. News

Zoom just fixed a major security flaw on Mac. Here’s why you should update now

By

If you have Zoom installed on your MacBook, you’ll want to update the app right now. Zoom spent the weekend patching a major security flaw in its Mac app, and the update is available right now.

According to The Verge, it all began at Def Con, a computer security and hacker conference in Las Vegas. The founder of the security non-profit Objective-See and an ex-NSA security analyst, Patrick Wardle, took to the stage on Friday and presented a stunning find: a massive security vulnerability in the Zoom installer for MacBooks.

The Logitech Brio 4K Pro attached to a Macbook.
Image used with permission by copyright holder

The exploit allowed a threat actor to take control of someone’s Mac through the Zoom app, right down to the root level of the machine. The Zoom package installer used a weak security certificate test and any file with the same name as the official Zoom package could easily bypass the test. At this level, the MacBook recognizes the hacker as a “superuser” who can then read, change or create any file, including adding other malware to the system.

Recommended Videos

Frustratingly, Wardle had discovered the security threat back in December and had informed Zoom of his findings. Wardle said Zoom didn’t take him seriously and released a patch after a month, which contained another security bug. He informed Zoom of this second bug, and more importantly, of the first bug not being fixed. Zoom sat on it.

Please enable Javascript to view this content

Wardle decided to go public with his findings at Def Con. He had followed responsible disclosure protocols, which gives companies time to fix bugs, and after eight months of inaction, he felt he had to warn others. Zoom released a small patch a few weeks before the conference but Wardle said the vulnerability was still present.

This isn’t the first time Zoom has been criticized for lax security. In 2020 Wardle discovered a Mac vulnerability in Zoom which allowed cameras and microphones to be hijacked. Zoom was also found to have been sending user data to Facebook, and then the US Department of Justice filed charges against a Zoom executive for collusion with the Chinese government.

Zoom spent the weekend working on a new patch following Wardle’s presentation, and it is now available. Version 5.11.5 is a free update for Mac-based Zoom installs and is available now.

If you would prefer to use a different video conferencing platform, check out our handy guide to Microsoft Teams.

Editors’ Recommendations

Topics
Nathan Drescher
Nathan Drescher
Former Digital Trends Contributor
Nathan Drescher is a freelance journalist and writer from Ottawa, Canada. He's been writing about technology from around the…
The macOS Sequoia public beta just launched. Here’s how to download it
Apple's Craig Federighi introducing the new window tiling feature in macOS Sequoia at the Worldwide Developers Conference (WWDC) 2024.

The public beta for macOS Sequoia is here, and that means anyone with a compatible device can install it and try it out -- no paid developer memberships needed. Here's how to get it.

First of all, you'll need a PC that can run macOS Sequoia. This is the list of compatible models:

Read more
Some updates coming to macOS 15 aren’t just about AI
Apple's 15-inch MacBook Air on a desk, with macOS Sonoma running on its display.

Apple's Worldwide Developers Conference (WWDC) is coming up soon, and everyone's expecting a huge announcement around AI. But don't worry, according to a report from AppleInsider, there are some practical tweaks coming to macOS 15 that are in the works. Notably, the System Settings app is set to receive the biggest changes, with other menus and app UIs also expecting some rearranging.

The last update to the Settings app happened with macOS Ventura, changing the name from System Preferences to System Settings and shifting to an iOS-style design, a change that ruffled the feathers of diehard Mac users. This time, the organizational system will reportedly be based on "priority and overall importance."

Read more
Why you should buy a Mac mini instead of a MacBook Air
Apple Mac Mini side view showing edges.

Apple’s MacBook Air is an incredibly popular device, and it’s our pick for the best MacBook you can buy. But there’s a strong case to be made for passing over it and buying a Mac mini instead. Apple’s desktop computer is cheaper, supports more displays and ports, and is better for your posture. Those reasons could be enough to sway the balance in its favor.

If you’re on the fence, give this guide a read to see if it helps you make up your mind. Here, we’ll show you four of the most compelling reasons to buy a Mac mini instead of a MacBook Air.
It’s much cheaper

Read more