DEF CON 30 - Patrick Wardle - You’re Muted Rooted Exploiting Zoom on macOS
With a recent market cap of over $100 billion and the genericization of its name, the popularity of Zoom is undeniable. But what about its security? This imperative question is often quite personal, as who amongst us isn’t jumping on weekly (daily?) Zoom calls?
In this talk, we’ll explore Zoom’s macOS application to uncover several critical security flaws. Flaws, that provided a local unprivileged attacker a direct and reliable path to root.
The first flaw, presents itself subtly in a core cryptographic validation routine, while the second is due to a nuanced trust issue between Zoom’s client and its privileged helper component.
After detailing both root cause analysis and full exploitation of these flaws, we’ll end the talk by showing how such issues could be avoided …both by Zoom, but also in other macOS applications.
4 weeks ago 00:00:00 1
4 weeks ago 00:03:09 1
4 weeks ago 00:00:00 1
1 month ago 00:00:00 1
1 month ago 00:01:29 1
1 month ago 00:04:54 1
1 month ago 01:14:27 1
![[Angels Of Love] Dave Morales ’’Revoluciòn’’ live @ Disco Metropolis 31-08-2002](https://sun9-12.userapi.com/rc-P1jgRc1Hh4kDLKjL3dYa6SpdMTlviS5DWQg/wNpMOlNuJZQ.jpg)
2 months ago 00:03:19 8
2 months ago 00:46:42 1
2 months ago 00:35:15 1
2 months ago 01:04:33 2
2 months ago 00:22:46 1
2 months ago 00:42:23 1
2 months ago 00:02:22 1
2 months ago 00:44:06 1
2 months ago 00:04:38 1
2 months ago 00:00:00 1
2 months ago 00:04:02 1
2 months ago 00:15:23 1
2 months ago 00:08:22 1
2 months ago 01:33:23 1
2 months ago 02:03:39 1
![Ori Uplift - Uplifting Only 422 (March 11, 2021) [All Instrumental]](https://sun9-45.userapi.com/EEHoFUY8U-BqwidHGHtxcSaQKA2LhfyebdZMow/y-MBFqMZGcg.jpg)
2 months ago 00:04:25 1
2 months ago 00:00:00 1
