“The appeal of injection a library into Zoom, revolves around its (user-granted) access to the mic and camera. Once our malicious library is loaded into Zoom’s process/address space, the library will automatically inherit any/all of Zooms access rights/permissions!
This means that if the user as given Zoom access to the mic and camera (a more than likely scenario), our injected library can equally access those devices.”
This means that if the user as given Zoom access to the mic and camera (a more than likely scenario), our injected library can equally access those devices.”
https://objective-see.org/blog/blog_0x56.html