Zoom fixed a pair of privileged escalation vulnerabilities, which were detailed at the Black Hat conference this month, but that patch was bypassed, necessitating yet another fix.
Patrick Wardle, a cybersecurity researcher and founder of Objective-See, talked about the two macOS Zoom client vulnerabilities at Black Hat.
Both of which could be exploited by a local unprivileged miscreant or rogue application to reliably escalate to root privileges.
Researchers Identified Zoom’s Objectives In New Patches
The two holes could be exploited together to, simply put, feed a malicious update to Zoom to install and run, which shouldn’t normally be allowed to happen.
Wardle gave Zoom credit for issuing quick patches for the flaws, which the biz published individually on August 9 and 13. But look at Zoom’s recent security bulletins, and it quickly becomes clear that something went wrong: five days later a third patch was released for the same problem.
Zoom’s patch was… incomplete, I managed to bypass it,’ macOS security researcher and Offensive Security content developer Csaba Fitzl tweeted. Fritzl didn’t release any details of how he managed to bypass the patch, but Zoom credited him with reporting the third exploit.
Zoom users on macOS are encouraged to update their client immediately to version 5.11.6 unless running a version older than 5.7.3. If that latter case sounds like you, it may be a good idea to upgrade to plenty of other concerns with Zoom’s security that have come to light since it rose to prominence during the pandemic.
Researchers weaponize PLCs to attack OT networks
Researchers with Claroty’s Team82 have demonstrated turning programmable logic controllers (PLCs) into network offensive tools. PLCs are a fundamental part of industrial and commercial operational technology that makes up factory floors, utility infrastructure, manufacturing facilities, and other heavy industries.
Malware such as Stuxnet, which was used by America and Israel to damage Iran’s uranium-enrichment facilities, as well as other modern threats rely on internet-facing PLCs that lack proper protection. Evil PLC doesn’t attack the PLCs themselves at all: instead, it relies on vulnerabilities in engineering workstations that control them.
By compromising a PLC with malicious code and triggering a fault, an engineer who downloads the PLC’s code to inspect can unwittingly compromise their machine. The downloaded code relies on exploiting holes in software on the workstation.