Wofufuza zachitetezo wapeza zovuta ziwiri mu chida chosinthira pulogalamu yoyimbira mavidiyo Zoom ya macOS yomwe imalola mizu kulowa. Kampaniyo itachotsa zofookazo, bamboyo adapeza chiwopsezo chatsopano.
Wofufuza zachitetezo a Patrick Wardle adagawana zomwe adapeza pamwambo wozembetsa DefCon ku Las Vegas. Kumeneko, adalongosola momwe angadutse cheke cha siginecha ya chida chosinthira cha Zoom cha macOS. Pachiwopsezo choyamba, CVE-2022-28751, ogwiritsa ntchito adangosintha dzina lafayilo kuti likhale ndi zikhalidwe zofanana ndi satifiketi yomwe chida chosinthira chinali kufunafuna. "Mungoyenera kupatsa pulogalamuyo dzina linalake ndipo mwadutsa nthawi yomweyo," bamboyo adauza Wired.
Wardle adadziwitsa Zoom za chiwopsezochi kumapeto kwa 2021 ndipo kukonza komwe kampaniyo idatulutsa kunali pachiwopsezo chatsopano, malinga ndi Wardle. Anatha kupeza Zoom's updater.app ya macOS kuti ivomereze pulogalamu yakale yoyimba makanema, motero idayamba kugawa mtunduwo m'malo mwa mtundu waposachedwa kwambiri. Maphwando oyipa mwadzidzidzi adapatsidwa mwayi wopezerapo mwayi pazovuta zamapulogalamu akale a Zoom kudzera pachiwopsezo cha CVE2022-22781. Ndiyenera, chifukwa Zoom tsopano yakonza zofooka ziwiri pamwambapa kudzera pakusintha.
Koma Wardle adapezanso chiwopsezo kumeneko, CVE-2022-28756. Malinga ndi bamboyo, ndizotheka kusintha phukusilo mutatsimikizira phukusi la pulogalamu ndi okhazikitsa Zoom. Phukusi la pulogalamuyo limasunga zilolezo zake zowerengera mu macOS ndipo zitha kusinthidwabe pakati pa cheke cha cryptographic ndikuyika. Zoom, panthawiyi, adayankha mavumbulutso atsopano a Wardle. Kampaniyo ikuti ikugwira ntchito yothetsera vutoli.