Apple update kills off Zoom web server

Zoom's software installs a web server on users' computers, created to quickly launch Zoom's software when users click a link.

News of the exploit first came via security researcher Jonathan Leitschuh, who published a detailed Medium post demonstrating how Zoom's insecure implementation of a feature called "click-to-join", which enables easy video meetings, could be used to connect Mac users to a chat room and activate their webcams without their knowledge by embedding some code in a website.

This local web server not only keeps running in the background, but actually re-installs the Zoom client, in the background, as soon as the user's Mac gets a request for a video call - a request that can easily be buried in a malicious web page.

Security researcher Jonathan Leitschuh revealed this week that Zoom makes it possible for websites to add you to a call by activating your webcam without permission.

Teleconferencing software Zoom's emergency patch to fix a major flaw that could allow hackers to spy on Mac users through their webcam with zero interaction on their part wasn't enough for Apple, which has quietly rolled out a patch of its own to address the issue.

A security flaw in the video conferencing tool Zoom could leave the cameras on Mac computers vulnerable to attackers, a security researcher claims.

Apple said the update protects past and present Zoom users from the vulnerabilities found by Leitschuh, and Zoom told TechCrunch that the company is "happy to have worked with Apple" on the update.

A Zoom spokesperson told Forbes, however, that it had begun analyzing the problem within 10 minutes of learning about it, and that the ability to have one-click access to join videoconferencing calls was meant to address poor user experiences for those running Apple's Safari 12 web browser.

Users were not thrilled by the proposed tweak, causing Zoom to release a complete patch for the vulnerability, according to Wired. Even if you uninstalled Zoom, the web server persisted on your machine and could even reinstall the application automatically. This generally involves someone sending a unique link to someone over the web, which they can click to join a meeting. We've reached out to Apple regarding that question and will report if we hear more on that. The update ensures the web server is removed, even if customers have uninstalled Zoom or haven't installed Tuesday's update.

According to Zoom, updating will 'remove the local web server entirely'.