Zoom Msi Full Installer
Alberta Hagley
One additional situation to check. I have my download destination set to an iCloud folder (so that I can access downloads on my desktop at work and on my laptop at home)... I was getting the same error, when I realized that the installer was living in iCloud, rather than locally. I dragged the installer to my desktop and BOOM- installed. Do I feel silly, yes... yes I do.
LC8 went into settings, Privacy and Security, Files and Folders, then clicked on an arrow to the left of installer, which brings up the option to allow access to the downloads folder. This needs to be toggled on.
I am using Ubuntu 20.04 and have Zoom in version 5.04084598.0517. Zoom shows an update to be available, so I downloaded it from the web page, and opened the deb file with the software installer. What then shows up is the following:
You can just download the zoom.pkg from Zoom's website and put it into a Jamf policy and set the triggers to whatever you wish. We use recurring check-in and login triggers. Then scope it to the appropriate groups or in your case, all computers. Any updates after that can just be repushed and should update the currently installed version.
Heads up, but they have two installers if memory serves; one for commercial and one for IT Admins. The current commercial one has a line to open the app at the end of the post install, and even when runs as part of a policy the logged in user was still prompted to allow access to Desktop/Documents/Downloads etc per Catalina. PPPC controls could mitigate this but it can be a little jarring if folks aren't aware.
Just to add my 2, you could also write a script that direct downloads (cURLs) the package from (which will always download the latest version of the Zoom installer, provided the vendor does not change their download URL anytime soon), then runs the installer command to install the pkg. I haven't worked on a way of automatically updating apps like Zoom yet, but putting something like what I've described above in Self Service will at least give users the ability to always grab the latest version every time.
I would like to have it set up so the Zoom.pkg version we have in our policy is installed only if zoom.us.app is missing on the computer. After that it is okay if users update Zoom from within the app when the app recommends it. As it is now the Zoom version we have in the policy keeps installing over any newer Zoom version people might have updated to every time the policy runs (i.e. at check-in).
Zoom is a web conferencing tool that is available to EVERYONE AT LTU (faculty, students, and staff).Quick Reference Guide: ZoomHow to Login
- Go to zoom.us
- Click Sign In , at the top right of the page
- Click the Google icon
- Enter your LTU Gmail Username and Password if it does not automatically appear, otherwise select your LTU gmail option
- Browser
- Canvas
- Smart DeviceGo to zoom.us from any browser.
- In the top right hover over Resources
- Click Download Zoom Client
You'll be directed to the Download Center.Under Zoom Client for Meetings click the Download button.Once the file has downloaded open it and walk through the install process.Log in to Canvas and go to any of your courses where you are going to set up a meeting. - Click on Zoom in the Course Navigation
- Select Schedule a New Meeting
- Browser
- Canvas
- Smart DeviceGo to zoom.us from any browser and select Sign inOn sign in screen, scroll down and sign in with Google ( use your LTU email credentials )Go to Canvas course. Select Zoom from course navigation.Note: The following screenshots are from an iOS platform, but the instructions are identical regardless of iOS/Android operating systems.
How to Access
- Once loaded click Sign In at the bottom right
- Click the Google 'G' icon at the bottom.
- If asked for Zoom to use zoom.us to sign in click Continue .
The attackers set up a phishing website that contained a download button. When users clicked on the button, they were prompted to download a Zoom installer file from the URL: hxxps[:]//explorezoom[.]com/products/app/ZoomInstallerFull[.]exe. However, the file was a disguised version of the IcedID malware. The figure below shows the Zoom phishing site.
ZoomIt is a screen zoom, annotation, and recording tool for technical presentationsand demos. You can also use ZoomIt to snip screenshots to the clipboard or to a file.ZoomIt runs unobtrusively in the tray and activates with customizablehotkeys to zoom in on an area of the screen, move around while zoomed, and draw onthe zoomed image. I wrote ZoomIt to fit my specific needs and use it in all mypresentations.
The first time you run ZoomIt it presents a configuration dialog thatdescribes ZoomIt's behavior, let's you specify alternate hotkeys forzooming and for entering drawing mode without zooming, and customize thedrawing pen color and size. I use the draw-without-zoom option toannotate the screen at its native resolution, for example. ZoomIt alsoincludes a break timer feature that remains active even when you tabaway from the timer window and allows you to return to the timer windowby clicking on the ZoomIt tray icon.
Duke users with an affiliation of faculty, staff, and student are eligible to have a Duke Zoom account. Users with an affiliation of affiliate must have a sponsor contact the Service Desk and provide a business case as to why the affiliate must host Duke Zoom meetings (otherwise, users can go to zoom.us and create a free Zoom account with a Duke email address to participate in meetings). NOTE: all other affiliations including pre-hire Duke employees require assistance from the Service Desk in order to have a Duke Zoom account for hosting meetings.
As such, today when Felix Seele also noted that the Zoom installer may invoke the AuthorizationExecuteWithPrivileges API to perform various privileged installation tasks, I decided to take a closer look. Almost immediately I uncovered several issues, including a vulnerability that leads to a trivial and reliable local privilege escalation (to root!).
As discussed in my DefCon presentation, the easiest way is answer this question is simply to run a process monitor, execute the installer package (or whatever invokes the AuthorizationExecuteWithPrivileges API) and observe the arguments that are passed to the security_authtrampoline (the setuid system binary that ultimately performs the privileged action):
To determine what libraries Zoom is linked against (read: requires), and thus will be automatically loaded by the macOS dynamic loader, we can use the otool with the -L flag: $ otool -L /Applications/zoom.us.app/Contents/MacOS/zoom.us /Applications/zoom.us.app/Contents/MacOS/zoom.us: @rpath/curl64.framework/Versions/A/curl64 /System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation /usr/lib/libobjc.A.dylib /usr/lib/libc++.1.dylib /usr/lib/libSystem.B.dylib /System/Library/Frameworks/AppKit.framework/Versions/C/AppKit /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation /System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
Downloading the Zoom app: You will be prompted to download the Zoom app automatically when you join your first meeting. You can also click here to download the Zoom app installer directly. When the download is complete, open the file to install Zoom.
760c119bf3