Skip to content

Instantly share code, notes, and snippets.

@thales17

thales17/FIX.md

Created July 9, 2019 14:21
Show Gist options
  • Save thales17/d36cdc4ac5727e5a6fc414b5a4e4b37c to your computer and use it in GitHub Desktop.
Save thales17/d36cdc4ac5727e5a6fc414b5a4e4b37c to your computer and use it in GitHub Desktop.
Download ZIP
Zoom Fix
Raw
FIX.md

Zoom Fix

These are the steps I needed to take to fix the zoom zero day vulerability

Steps

  1. Confirm that you are vulnerable, open this demonstration link: https://jlleitschuh.org/zoom_vulnerability_poc/
  2. Launch Zoom and check for updates to make sure you are up to date
  3. Open Terminal (Either via Spotlight or Launchpad)
  4. Use this command: lsof -i :19421 to get the PID of the running instance of ZoomOpener.app
  5. Run kill -9 <PID FROM PREVIOS CMD> to stop the running ZoomOpener.app
  6. Run rm -Rf .zoomus from terminal to remove the ZoomOpener.app
  7. The latest version of Zoom will reinstall the ZoomOpener.app everytime it is launched to prevent this we need to squat the .zoomus with one owned by the super user on your computer. To do this type sudo mkdir .zoomus in the Terminal. This will ask you for the password that you use to login, type that and the new directory should be made. This will prevent Zoom from reinstalling the ZoomOpener in the .zoomus folder on your computer.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment