Latest in Gear

Image credit:

Zoom will remove server behind Mac webcam security hole

A patch will address the potential for snooping and flooding attacks.
Jon Fingas, @jonfingas
July 9, 2019
2 Shares
Share
Tweet
Share

Sponsored Links

AP Photo/Mark Lennihan

Zoom is acting quickly on the security flaw that let intruders hijack Mac users' webcams. The video conferencing firm is releasing a patch on July 9th (that's today, if you're reading in time) that removes access to the local web server behind the vulnerability. It'll also let you manually uninstall Zoom and remove all traces of the app so that there's no chance of an exploit later on. Another update, due for the weekend of July 12th, will also ensure that rookies who choose "always turn off my video" will automatically have their preferences honored in those situations where a meeting host would normally require that video switches on.

The company had previously defended its earlier decisions. The web server only responded to requests from the local computer, Zoom said. It argued that this was more convenient than having to confirm launching the Zoom client every time you wanted to get into a meeting. It also fixed a denial-of-service bug in May, although it didn't require an update as this was deemed a "low-risk vulnerability."

This won't be a huge issue unless you're regularly using Macs for work-related video conversations, but it promises to be a relief for the corporate crowd. It also illustrates the sheer amount of pressure to be transparent and quick about addressing security holes in the modern tech world. Researcher Jonathan Leitschuh, who discovered the flaw, noted that Zoom's newfound willingness to patch out the web service represented an "about face" -- it went from rationalizing its existing strategy to planning a fix in a matter of hours.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
2 Shares
Share
Tweet
Share

Popular on Engadget

NASA will fund six more Artemis missions as it plans return to the moon

NASA will fund six more Artemis missions as it plans return to the moon

View
Amazon has eliminated single-use plastic at its Indian fulfilment centers

Amazon has eliminated single-use plastic at its Indian fulfilment centers

View
Google reveals its new Nest smart speaker

Google reveals its new Nest smart speaker

View
CommStar will launch a relay satellite to talk to astronauts on the Moon

CommStar will launch a relay satellite to talk to astronauts on the Moon

View
Amazon-owned Ring is preparing its first smart light bulb

Amazon-owned Ring is preparing its first smart light bulb

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr