Technology

Beware! Video conferencing app ‘Zoom’ has a major vulnerability

A security researcher Jonathan Leitschuh has publicly revealed major vulnerability in Zoom — a video conferencing app, on Macs. He disclosed that any website can open up a video-enabled call on Mac with the Zoom app installed. The reason why it happens is that the app apparently installs a web server on Macs that accept even those requests which other browsers usually reject.

Moreover, even if you uninstall the Zoom app from your Macs, that web server which the app had installed stays, and can reinstall Zoom without your permission or involvement. The Verge reports that they have confirmed the claim made by Jonathan and that the vulnerability is real. It also reports that “clicking a link if you have previously installed the Zoom app (and haven’t checked a certain checkbox in settings) will auto-join you to a conference call with your camera on”.

Leitschuh further reveals that he disclosed the vulnerability to the developers of Zoom app back in March, but the company has not done anything to solve the issue. He said that he gave the company 90 days to solve the problem but they didn’t.

The existence of web server on users computers poses other serious threats as well. For instance, in older versions of Zoom, it was possible to authorize a denial of service attack on Macs by continuously pinging the web server. Leitschuh writes, “By simply sending repeated GET requests for a bad number, Zoom app would constantly request ‘focus’ from the OS”.


You can solve this issue by ensuring the Mac app is up to date and also you have to disable the setting in the app that allows Zoom to turn-on your camera when joining a meeting, as shown in the image above. Simply, uninstalling the Zoom app won’t solve this problem, as that web server persists on your Mac.

If you are facing the same issue with the Zoom app, and want to fix this issue permanently, you have to run some terminal commands which you can find through here.

Sponsored
Faisal Saeed

Share
Published by
Faisal Saeed
Tags: Zoom

Recent Posts

What’s New in iOS 18.2.1? Here’s What You Should Know

iOS 18.2 introduces thrilling new features like Visual Intelligence, Image Playground, and upgraded writing tools.…

14 mins ago

Federal Govt Official Urges ‘Less’ Internet Use, Only for Important Matters

On Sunday, Syed Sajid Mehdi, Pakistan's Parliamentary Secretary for the Cabinet Division, proposed a solution…

30 mins ago

Federal Government Announces December 25 as Public Holiday

ISLAMABAD: The federal government has declared December 25, 2024, as a public holiday to mark…

33 mins ago

Samsung Terminates Employees Over Galaxy S25 Ultra Images Leak

An early setback occurred for Samsung's much anticipated Galaxy S25 series when unauthorized photographs of…

51 mins ago

NADRA Warns Against Excessive Photocopying of Sensitive Documents

ISLAMABAD: According to a public advisory from the National Database and Registration Authority (NADRA), Pakistani…

2 hours ago

Phase 2 of Honhar Scholarship Program Officially Launched

The Honhar Scholarship Program Phase II, inaugurated by Chief Minister Maryam Nawaz Sharif of Punjab,…

2 hours ago