Muongorori wezvekuchengetedza akawana kusakwana kuviri muvhidhiyo kufona software yekuvandudza Zoom ye macOS iyo yakabvumira kupinda kwemidzi. Mushure mekunge kambani yabata kusazvibata, murume uyu akawana kusagadzikana kutsva.
Muongorori wezvekuchengetedza Patrick Wardle akagovera zvaakawana pachiitiko cheDefCon chekubira muLas Vegas. Ikoko, akatsanangura nzira yekunzvenga siginecha yeZoom's otomatiki yekuvandudza chishandiso che macOS. Mukusagadzikana kwekutanga, CVE-2022-28751, vashandisi vaingofanira kushandura zita refaira refaira kuti rive nemhando dzakafanana setifiketi icho chishandiso chekuvandudza chaitsvaga. "Unongofanira kupa software rimwe zita uye wapfuura cryptographic control pasina nguva," murume akaudza Wired.
Wardle akanga azivisa Zoom nezvekusagadzikana mukupera kwa2021 uye gadziriso yakaburitswa nekambani ipapo yaive nenjodzi kutsva, sekureva kwaWardle. Akakwanisa kuwana Zoom's updater.app yeMacOS kuti igamuchire vhezheni yekare yevhidhiyo yekufona software, saka yakatanga kugovera iyo vhezheni pane yazvino vhezheni. Mapato ane hutsinye akangoerekana apihwa mukana wekushandisa kusagadzikana mune yekare Zoom software kuburikidza nenjodzi CVE2022-22781. Ndine, nekuti Zoom ikozvino yakagadzirisa kusagadzikana kuviri pamusoro kuburikidza nekuvandudza.
Asi Wardle akawanawo kusagadzikana ipapo, CVE-2022-28756. Sekureva kwemurume, parizvino zvinogoneka kuita shanduko pasuru mushure mekusimbiswa kwesoftware package neZoom installer. Iyo software package inochengeta mvumo yekuverenga-yekunyora muMacOS uye inogona kugadziridzwa pakati peiyo cryptographic cheki nekumisikidza. Zoom, zvakadaro, yakapindura kune zvakazarurwa zvitsva zvaWardle. Kambani iyi inoti iri kushanda pakugadzirisa.