Zoom has released an update to its macOS client that fixes a severe vulnerability, one that could give a user root access.
Apple’s macOS is based on BSD Unix, inheriting a root user that has ultimate permissions. According to Zoom, a bug in the app could allow a non-root user to gain root access, representing a major threat to the computer’s security.
The company has released an update that addresses the issue and all users are advised to update immediately.
The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.5 contains a vulnerability in the auto update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.
Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from https://zoom.us/download.