HACKINTOSH.ORG | Macintosh discussion forums

Macintosh News => Apple News => Topic started by: HCK on July 10, 2019, 04:05:13 pm



Title: Zoom Mac app flaw sparks serious security concerns—and it’s up to you to fix it
Post by: HCK on July 10, 2019, 04:05:13 pm
Zoom Mac app flaw sparks serious security concerns—and it’s up to you to fix it

<article>
   <section class="page">
<p>If you’ve ever downloaded the Zoom app to participate in a video conference, your Mac may be at risk—even if you’ve already deleted it. <a href="https://medium.com/@jonathan.leitschuh/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5" rel="nofollow">In a Medium post[/url], security researcher Jonathan Leitschuh discovered a serious flaw that could allow a website to access your Mac’s camera without your knowledge or permission.</p><p>As Leitschuh explains, the vulnerability stems from Zoom’s quest for simplicity. As the service works, you can just send anyone a Zoom meeting link which will in turn automatically open the Zoom client installed on their machine. In case you’ve deleted the app, Zoom keeps a localhost web server running silently on your Mac, Leitschuh said, so the Zoom client will reinstall when a link is clicked without requiring any user interaction on your behalf besides visiting a webpage.</p><p class="jumpTag"><a href="/article/3407764/zoom-mac-app-flaw-security-camera.html#jump">To read this article in full, please click here[/url]</p></section></article>

Source: Zoom Mac app flaw sparks serious security concerns—and it’s up to you to fix it (https://www.macworld.com/article/3407764/zoom-mac-app-flaw-security-camera.html#tk.rss_all)