Apple issues a silent Mac update to fix Zoom webcam exploit

Yolanda Curtis
July 11, 2019

According to a report, Zoom worked with Apple to release the silent update.

Apple has pushed an update to Mac users that ensures Zoom's controversial web server on Mac computers is no more.

The Cupertino company has now moved to fix the security flaw, helping users who may be unaware of the vulnerability, weren't in a rush to update their Zoom client, or had already uninstalled it.

The flaw only affects computers running Apple's macOS, because Windows computers manage connections in a different way, the report says.

Additionally, if you've ever installed the Zoom client and then uninstalled it, you still have a localhost web server on your machine that will happily re-install the Zoom client for you, without requiring any user interaction on your behalf besides visiting a webpage.

More than 750,000 businesses around the world use Zoom's teleconferencing software.

Prior to the update, Eoin Keary, CEO and co-founder of edgescan, told MailOnline: 'A vulnerability in any software is unsurprising and can be fixed with a patch prior to disclosure if the vendor addresses the issue in a timely manner.'

"We expect the web server issue to be resolved today", Zoom spokesperson Priscilla McCarthy said to TechCrunch.

Zoom was informed of the exploit but said that it did not plan to remove the feature because it was a "legitimate solution" that other service providers have used as well.

The company said that it pushed the update to protect its users from the risks posed by the exposed web server. The web server continues to work even after the app is uninstalled and can reinstall it without the user's permission.

The Zoom app is installed on about 4 million Macs, researcher Jonathan Leitschuh estimated.

But now, TechCrunch reports that Apple chose to step in regardless, launching a silent update for Macs that removes Zoom's web server functionality altogether. It seems that Zoom thinks that asking a user if they want to join a meeting is a "poor user experience". This is the process ID number of Zoom's phantom web server.

'Once the update is complete, the local web server will be completely removed on that device'.
