Zoom Vulnerability macOS can monitor users

The problem is found in the Zoom application. While it is not completely eliminated, it is recommended to disable some options.

a computer security expert Jonathan Leytshu (Jonathan Leitschuh) I told of them found a vulnerability in the application for videoconferencing Zoom. This popular service on macOS can become a loophole to spy on users of Apple computers.

The problem lies in the architectural vulnerabilities Zoom. To improve the interaction with the user program creates a local server on your PC. He is the source of a potential threat. Attackers can access it remotely.

In fact, this vulnerability can activate webcam computer forcibly. Moreover, the program created by the server can be activated even after removal of Zoom. Users only need to click on a link to a video conference invitation.

Leytshu told about the problem more Zoom developers in March, warning that publishes data on it after 90 days. However, according to experts, the company got off a temporary solution, he offered them at the beginning. Completely it does not eliminate the problem.

Zoom representatives added that decide to update the July issue. In the meantime, to protect themselves from sleuthing You can disable the automatic activation program settings webcams in an incoming video conference invitation (figure above).

update 1: Zoom released a special patch that covers the reported vulnerability. It removes from the local server computer users that have caused problems. This was reported in statement the official website of Zoom. All users of the service now needs simply to update the client.

update 2: TechCrunch reportsThat Apple itself has decided to play safe by releasing a special patch for MacOS, which addresses the vulnerability Zoom. The update is automatically installed and removes the local web server application. Action by the user is not required.