When the client has finished downloading, it will leave you with a zoom.pkg file in your Downloads folder. Double-click on this and follow the instructions to install the software.
The first time you do this, Zoom will prompt you to download the smart virtual background package, so click Download and in a few seconds your new virtual background will appear behind you. If you want to return to normal, go back to the settings and select the None option.
Zoom Mac Os Download
Description: Zoom Rooms for Windows installers before version 5.13.0 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain to escalate their privileges to the SYSTEM user.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: Zoom Rooms for Windows clients before version 5.12.7 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability in an attack chain to escalate their privileges to the SYSTEM user.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: Zoom for Android clients before version 5.13.0 contain a path traversal vulnerability. A third party app could exploit this vulnerability to read and write to the Zoom application data directory.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: Zoom Rooms for macOS clients before version 5.11.3 contain a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: Zoom Rooms for macOS clients before version 5.11.4 contain an insecure key generation mechanism. The encryption key used for IPC between the Zoom Rooms daemon service and the Zoom Rooms client was generated using parameters that could be obtained by a local low-privileged application. That key can then be used to interact with the daemon service to execute privileged functions and cause a local denial of service.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: The Zoom Rooms Installer for Windows prior to 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to the SYSTEM user.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: The Zoom Client for Meetings Installer for macOS (Standard and for IT Admin) before version 5.12.6 contains a local privilege escalation vulnerability. A local low-privileged user could exploit this vulnerability during the install process to escalate their privileges to root.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: Windows 32-bit versions of the Zoom Client for Meetings before 5.12.6 and Zoom Rooms for Conference Room before version 5.12.6 are susceptible to a DLL injection vulnerability. A local low-privileged user could exploit this vulnerability to run arbitrary code in the context of the Zoom client.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability.A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure per-device key encrypting that database results in a local malicious user being able to obtain meeting information such as in-meeting chat for the previous meeting attended from that local user account. Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading to additional attacks including session takeovers.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0 contains a debugging port misconfiguration. When camera mode rendering context is enabled as part of the Zoom App Layers API by running certain Zoom Apps, a local debugging port is opened by the Zoom client. A local malicious user could use this debugging port to connect to and control the Zoom Apps running in the Zoom client.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: The Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with version 5.7.3 and before 5.11.6 contains a vulnerability in the auto update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.Note: This issue allows for a bypass of the patch issued in 5.11.5 to address CVE-2022-28756.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: The Zoom Client for Meetings for macOS (Standard and for IT Admin) before version 5.11.3 contain a vulnerability in the package signature validation during the update process. A local low-privileged user could exploit this vulnerability to escalate their privileges to root.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: Zoom Rooms for Conference Rooms for Windows versions before 5.11.0 are susceptible to a Local Privilege Escalation vulnerability. A local low-privileged malicious user could exploit this vulnerability to escalate their privileges to the SYSTEM user.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: The Zoom Client for Meetings for Windows before version 5.10.0 and Zoom Rooms for Conference Room for Windows before version 5.10.0, fails to properly check the installation version during the update process. This issue could be used in a more sophisticated attack to trick a user into downgrading their Zoom client to a less secure version. Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: A vulnerability in Zoom On-Premise Meeting Connector Controller version 4.8.102.20220310 and On-Premise Meeting Connector MMR version 4.8.102.20220310 exposes process memory fragments to connected clients, which could be observed by a passive attacker.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates.
Description: The Zoom Client for Meetings chat functionality was susceptible to Zip bombing attacks in the following product versions: Android before version 5.8.6, iOS before version 5.9.0, Linux before version 5.8.6, macOS before version 5.7.3, and Windows before version 5.6.3. This could lead to availability issues on the client host by exhausting system resources.Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates from
Description: A buffer overflow vulnerability was discovered in the products listed in the Affected Products'' section of this bulletin. This can potentially allow a malicious actor to crash the service or application, or leverage this vulnerability to execute arbitrary code.Zoom has addressed this issue in the latest releases of the products listed in the section below. Users can help keep themselves secure by applying current updates or downloading the latest Zoom software with all current security updates.
Description: The Keybase Client for Windows before version 5.7.0 contains a path traversal vulnerability when checking the name of a file uploaded to a team folder. A malicious user could upload a file to a shared folder with a specially crafted file name which could allow a user to execute an application which was not intended on their host machine. If a malicious user leveraged this issue with the public folder sharing feature of the Keybase client, this could lead to remote code execution.Keybase addressed this issue in the 5.7.0 Keybase Client for Windows release. Users can help keep themselves secure by applying current updates or downloading the latest Keybase software with all current security updates from 2ff7e9595c
Comments