Home
-
CVE-2021-34409 - Zoom - Incorrect Permission Assignment for Critical Resource
MacOS Installer Privilege Escalation - User-writable pre and post-install scripts unpacked during the Zoom Client for Meetings for MacOS installation before version 5.2.0 allow for privilege escalation to root.
-
CVE-2021-34408 - Zoom - Improper Link Resolution Before File Access
Zoom MSI Installer Elevated Write Using A Junction - A user-writable directory created during the installation of the Zoom Client for Meetings for Windows version prior to version 5.3.2 can be redirected to another location using a junction. This would allow an attacker to overwrite files that a limited user would otherwise be unable to modify.
-
CVE-2021-33907 - Zoom - Improper Certificate Validation
Windows Zoom Installer Digital Signature Bypass - The Zoom Client for Meetings for Windows in all versions before 5.3.0 fails to properly validate the certificate information used to sign .msi files when performing an update of the client. This could lead to remote code execution in an elevated privileged context.
-
Windows 7 ESU Analysis
The Windows 7 free security update window closed to consumers in January of 2020. However, due to the overwhelming popularity of the OS, Microsoft began offering Extended Security Updates (ESU) for the Operating System. The first update preparing a Windows 7 system for this next phase of patches is KB4528069. This post dissects the KB4528069 update to understand how ESUs differ from standard Windows 7 updates.
-
CVE-2020-11632 - Zscaler - Unquoted Search Path or Element
The Zscaler Client Connector prior to 2.1.2.150 did not quote the search path for services, which allows a local adversary to execute code with system privileges.