Update: Zoom pushes another Mac update to fix critical security flaw

Before your next Zoom video call, update your app.

Zoom recently patched a security weakness that might enable hackers take over your computer.

Patrick Wardle of the Objective-See Foundation uncovered the vulnerability in Zoom's automatic updater, which doesn't require a password.

Wardle observed that when the updater runs, it just checks if the file has the same name as the signing certificate.

Using a different software with the same name as the certificate, a hacker may access the Mac.

Wardle's DefCon presentation is available online.

Zoom released 5.11.5 (9788), which fixes the vulnerability, but it's the second try.

Wardle alerted Zoom about the vulnerability in December, and the business provided a remedy, but it contained a fault that made the vulnerability effective.

Zoom's security is questionable. It's had issues with illegal microphone access, a lack of encryption, and unwanted individuals invading meetings.