A high-severity vulnerability in Zoom Client for Meetings for macOS could be exploited “to connect to and control the Zoom Apps running in the Zoom client.” The flaw affects Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0. Zoom has released a patch to address this vulnerability. Zoom has also released a fix for a medium-severity flaw in Zoom On-Premise Meeting Connector Multimedia Router (MMR).
- Make sure that your Mac users have updated their client. The users should be prompted to apply the update when they launch Zoom, but it doesn’t hurt to scan and make sure. Zoom released two fixes – the client patch fixes CVE-2022-28762 and Zoom MMR fix for CVE-2022-28761.
Read more in