Technology
Apple took action to fix Zoom flaw, which proves how serious it was
Yesterday, video conferencing service Zoom released an update for its Mac client, removing the controversial web server functionality that opened up the possibility of someone launching a video call on user’s computer without permission.
But now, TechCrunch reports that Apple decided to step in regardless, launching a silent update for Macs that removes Zoom’s web server functionality altogether.
The local web server, which Zoom used to quietly install on user computers, improved some usability aspects of Zoom, but opened up massive potential for misuse, as first documented by security researcher Jonathan Leitschuh.
Apple said the update protects past and present Zoom users from the vulnerabilities found by Leitschuh, and Zoom told TechCrunch that the company is “happy to have worked with Apple” on the update.
The fact that Apple moved in with a patch that fixes a third party app — something the company very rarely does — speaks volumes. A third party app that installs a local web server on your computer without telling you, allowing such “features” as automatically reinstalling the Zoom app even after you’ve uninstalled it, is horrible for your system’s security.
And the fact that Zoom initially downplayed the vulnerabilities, calling them “low risk,” and defended its use of the hidden web server, shows the importance of the work of independent security researchers, which are often the first to disprove such claims.
In a blog post Wednesday, Zoom CEO Eric S. Yuan wrote that the company would launch a public vulnerability disclosure program in the “next few weeks.” He also wrote that the company has “taken steps to improve our process for receiving, escalating, and closing the loop on all future security-related concerns.”
-
Entertainment6 days ago
‘The Last Showgirl’ review: Pamela Anderson leads a shattering ensemble as an aging burlesque entertainer
-
Entertainment6 days ago
Polyamorous influencer breakups: What happens when hypervisible relationships end
-
Entertainment5 days ago
‘The Room Next Door’ review: Tilda Swinton and Julianne Moore are magnificent
-
Entertainment4 days ago
‘The Wild Robot’ and ‘Flow’ are quietly revolutionary climate change films
-
Entertainment4 days ago
Mars is littered with junk. Historians want to save it.
-
Entertainment5 days ago
CES 2025 preview: What to expect
-
Entertainment3 days ago
Should you buy the 2024 Kindle Paperwhite Signature Edition?
-
Entertainment2 days ago
2024: A year of digital organizing from Palestine to X