Critical Zoom Vulnerability on macOS Exposes Users to Webcam Surveillance
A cybersecurity expert has uncovered a significant security flaw in the Zoom video conferencing app for macOS, allowing unauthorized webcam access. While a patch has been released, users are advised to update immediately and adjust settings for enhanced protection.
A serious security vulnerability has been discovered in the Zoom video conferencing application for macOS. Until a complete fix is implemented, users are urged to disable certain features to protect their privacy.
Cybersecurity researcher Jonathan Leitschuh revealed a critical flaw in Zoom that could allow malicious actors to monitor Apple computer users through their webcams without consent.
The root of the issue lies in Zoom’s architecture, where the app creates a local web server on the user's machine to improve user experience. Unfortunately, this server can be exploited remotely by attackers.
This vulnerability essentially enables forced activation of the computer’s webcam. Alarmingly, the local server remains active even after Zoom is uninstalled, posing an ongoing security risk. Users only need to click on a conference invitation link to become vulnerable.
Leitschuh reported this flaw to Zoom’s developers in March, warning that he would disclose details publicly after 90 days if no adequate fix was made. However, according to the expert, Zoom initially implemented only a temporary workaround suggested by him, which fails to fully resolve the issue.
Zoom has announced plans to address the vulnerability with a July update. Meanwhile, users can enhance their security by disabling the automatic webcam activation feature for incoming conference invitations in Zoom’s settings (see image above).
Update 1: Zoom has released a dedicated patch that removes the local web servers responsible for the vulnerability from users’ computers. This update is available on Zoom’s official website, and all users are strongly encouraged to update their clients immediately.
Update 2: TechCrunch reports that Apple has also taken precautionary measures by deploying a macOS patch that automatically removes Zoom’s local web server, further mitigating the risk. This update installs silently without requiring user intervention.
Discover the latest news and current events in Technologies as of 16-07-2019. The article titled " Critical Zoom Vulnerability on macOS Exposes Users to Webcam Surveillance " provides you with the most relevant and reliable information in the Technologies field. Each news piece is thoroughly analyzed to deliver valuable insights to our readers.
The information in " Critical Zoom Vulnerability on macOS Exposes Users to Webcam Surveillance " helps you make better-informed decisions within the Technologies category. Our news articles are continuously updated and adhere to journalistic standards.