Archive

Archive for July 13, 2019

Zhumu vulnerability and remediation

July 13, 2019 Leave a comment

As more security researchers look into the Zoom vulnerability issue, it now appears that Zhumu (Zoom’s affiliate for China) has a client for macOS with the same local webserver vulnerability as that previously discovered for Zoom’s and RingCentral’s clients for macOS.

For those wanting to manually remediate for all three clients, the following commands can be run:


pkill "ZoomOpener"; rm -rf ~/.zoomus; touch ~/.zoomus && chmod 000 ~/.zoomus;
pkill "RingCentralOpener"; rm -rf ~/.ringcentralopener; touch ~/.ringcentralopener && chmod 000 ~/.ringcentralopener;
pkill "ZhumuOpener"; rm -rf ~/.zhumuopener; touch ~/.zhumuopener && chmod 000 ~/.zhumuopener;

view raw

gistfile1.txt

hosted with ❤ by GitHub

The question at this point is: how many more Zoom variants are there out there? I hadn’t previously been aware of Zhumu or of Zoom’s business relationship with this company. Are there more?

I’ve updated my fix_zoom_vulnerability script to also address the Zhumu client. For more details, please see below the jump.

Read more…

%d bloggers like this: