Zoom macOS app quietly added back cs.disable-library-validation entitlement

So the CVE-2020-11470 is back. “This effectively disables code signature verification for its dynamic libraries and enables a code injection attack that Wardle calls “dylib proxying”. It’s not clear why Zoom uses this exception since its own libraries appear to be properly signed.” https://www.csoonline.com/article/3535789/weakness-in-zoom-for-macos-allows-local-attackers-to-hijack-camera-and-microphone.amp.html Check latest pkg with Suspicious Package [0] analyzer. [0] https://www.mothersruin.com/software/SuspiciousPackage/
Story Published at: August 14, 2022 at 01:58PM

Zoom macOS app quietly added back cs.disable-library-validation entitlement

Leave a Reply Cancel reply

INX to boost its $117M IPO with token listings on global exchanges

Russia’s Gazprombank gets green light for crypto custody in Switzerland

New Huawei smartphone will feature a hardware wallet for digital yuan

Chinese city seeks to power urban governance and more using blockchain tech

Binance CEO denies allegations that the exchange’s US arm is a regulatory decoy

Tax professional explains the most important thing for US crypto holders

Bank of Chain - The Very First DeFi Bank

Finance Redefined: The curious case of Harvest Finance, Oct. 21-28

Winklevoss’ Gemini exchange to count crypto taxes in real time