Last week during the Def Con hacker conference, a worrying exploit in Zoom was shown off that could have potentially affected macOS users.

The exploit targets the Zoom installer for macOS. While Zoom requires special user permissions when being installed, after the installation, The Verge reports that the auto-update function runs in the background with super-user privileges. This means that users don’t have to grant special permissions every time an update comes through.

Unfortunately, a bug in how the app checked the updates meant that any file with the same name as Zoom’s signing certificate would pass checks and that opens the user up to malicious files being installed.

Perhaps most worrying is that founder of Objective-See Foundation, Patrick Wardle, who discovered the bug, alerted Zoom in December 2021. An update was pushed out to address the bug but the bug could still be exploited.

Now in its latest update the bug has been patched out completely and it’s not possible to sneak malicious files past Zoom’s installer using the exploit.

Should you be using a version of Zoom between versions 5.7.3 and 5.11.5(this is the latest version), you should update your client immediately. For additional safety we recommend heading directly to the Zoom client download page here.

Since 2020 Zoom has become the platform for video conferencing but you don’t have to download the client. To do this, simply head to this URL, key in the Meeting ID or Personal Link Name and launch the meeting from your browser.

This avoids having to download and install the app which is great if you’re managing your storage or trying to avoid bugs like the one above.