Technology

Beware! Video conferencing app ‘Zoom’ has a major vulnerability

A security researcher Jonathan Leitschuh has publicly revealed major vulnerability in Zoom — a video conferencing app, on Macs. He disclosed that any website can open up a video-enabled call on Mac with the Zoom app installed. The reason why it happens is that the app apparently installs a web server on Macs that accept even those requests which other browsers usually reject.

Moreover, even if you uninstall the Zoom app from your Macs, that web server which the app had installed stays, and can reinstall Zoom without your permission or involvement. The Verge reports that they have confirmed the claim made by Jonathan and that the vulnerability is real. It also reports that “clicking a link if you have previously installed the Zoom app (and haven’t checked a certain checkbox in settings) will auto-join you to a conference call with your camera on”.

Leitschuh further reveals that he disclosed the vulnerability to the developers of Zoom app back in March, but the company has not done anything to solve the issue. He said that he gave the company 90 days to solve the problem but they didn’t.

The existence of web server on users computers poses other serious threats as well. For instance, in older versions of Zoom, it was possible to authorize a denial of service attack on Macs by continuously pinging the web server. Leitschuh writes, “By simply sending repeated GET requests for a bad number, Zoom app would constantly request ‘focus’ from the OS”.


You can solve this issue by ensuring the Mac app is up to date and also you have to disable the setting in the app that allows Zoom to turn-on your camera when joining a meeting, as shown in the image above. Simply, uninstalling the Zoom app won’t solve this problem, as that web server persists on your Mac.

If you are facing the same issue with the Zoom app, and want to fix this issue permanently, you have to run some terminal commands which you can find through here.

Sponsored
Faisal Saeed

Share
Published by
Faisal Saeed
Tags: Zoom

Recent Posts

Rumors Indicate iPhone 17 May Feature Unconventional Camera Design

Apple is reportedly preparing for a significant design overhaul with its iPhone 17 series, blending…

11 hours ago

First AI-Powered Teacher Launched in Pakistan’s Private School

Karachi: A private school in Karachi has unveiled Pakistan’s first AI-powered teacher, a groundbreaking move…

13 hours ago

Yahoo Surprises Users with Its Latest Android Launcher

Third-party apps have long been a staple of the Android ecosystem, but their appeal has…

14 hours ago

Phase-II Review of PTCL-Telenor Deal Finalized by CCP

ISLAMABAD: The Competition Commission of Pakistan (CCP) has completed its Phase-II review of Pakistan Telecommunication…

14 hours ago

Xiaomi’s SU7 Achieves New Production Record, Driving Q3 Growth

Xiaomi has shattered records by producing 100,000 vehicles in just 230 days. This is nearly…

15 hours ago

Teachers Can Now Access OpenAI’s Free AI Course

OpenAI, in collaboration with nonprofit organization Common Sense Media, announced on Wednesday the launch of…

16 hours ago