Tweet
Patrick Wardle - You’re Muted Rooted
Patrick Wardle, Founder, Objective-See Foundation, he/him
Presentation Title: You’reMuted Rooted Exploiting Zoom on macOS
Length of presentation: 45 minutes
Demo, Tool, Exploit
With a recent market cap of over $100 billion and the genericization of its name, the popularity of Zoom is undeniable. But what about its security? This imperative question is often quite personal, as who amongst us isn't jumping on weekly (daily?) Zoom calls?
In this talk, we’ll explore Zoom’s macOS application to uncover several critical security flaws. Flaws, that provided a local unprivileged attacker a direct and reliable path to root.
The first flaw, presents itself subtly in a core cryptographic validation routine, while the second is due to a nuanced trust issue between Zoom’s client and its privileged helper component.
After detailing both root cause analysis and full exploitation of these flaws, we’ll end the talk by showing how such issues could be avoided …both by Zoom, but also in other macOS applications.
SPEAKER BIO(S):
Patrick Wardle is the creator of the non-profit Objective-See Foundation, author of the “The Art of Mac Malware” book series, and founder of the “Objective by the Sea” macOS Security conference.
Having worked at NASA and the NSA, as well as presenting at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy.
Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware, and writing free open-source security tools to protect Mac users.
https://objective-see.org/
https://twitter.com/patrickwardle
REFERENCES:
The 'S' in Zoom, Stands for Security
uncovering (local) security flaws in Zoom's latest macOS client
(https://objective-see.com/blog/blog_0x56.html)
Note: This is (just) my previous research on Zoom. Both bugs in this talk are brand new.
[]
Patrick Wardle, Founder, Objective-See Foundation, he/him
Presentation Title: You’re
Length of presentation: 45 minutes
Demo, Tool, Exploit
With a recent market cap of over $100 billion and the genericization of its name, the popularity of Zoom is undeniable. But what about its security? This imperative question is often quite personal, as who amongst us isn't jumping on weekly (daily?) Zoom calls?
In this talk, we’ll explore Zoom’s macOS application to uncover several critical security flaws. Flaws, that provided a local unprivileged attacker a direct and reliable path to root.
The first flaw, presents itself subtly in a core cryptographic validation routine, while the second is due to a nuanced trust issue between Zoom’s client and its privileged helper component.
After detailing both root cause analysis and full exploitation of these flaws, we’ll end the talk by showing how such issues could be avoided …both by Zoom, but also in other macOS applications.
SPEAKER BIO(S):
Patrick Wardle is the creator of the non-profit Objective-See Foundation, author of the “The Art of Mac Malware” book series, and founder of the “Objective by the Sea” macOS Security conference.
Having worked at NASA and the NSA, as well as presenting at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy.
Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware, and writing free open-source security tools to protect Mac users.
https://objective-see.org/
https://twitter.com/patrickwardle
REFERENCES:
The 'S' in Zoom, Stands for Security
uncovering (local) security flaws in Zoom's latest macOS client
(https://objective-see.com/blog/blog_0x56.html)
Note: This is (just) my previous research on Zoom. Both bugs in this talk are brand new.
[]