Apple Removed the Zoom Vulnerability



Good news for Mac users who had Zoom installed on their computers! TechCrunch reported that Apple has released a silent update for Mac users that removes a vulnerable component in Zoom. The update does not require any user interaction and is deployed automatically.

Apple often pushes silent signature updates to Macs to thwart known malware – similar to an anti-malware service – but it’s rare for Apple to take action publicly against a known or popular app. The company said it pushed the update to protect users from the risks posed by the exposed web server.

TechCrunch quoted Zoom spokesperson Priscilla McCathy who said (in part): “We are happy to have worked with Apple on testing this update.”

Apple’s update comes after Zoom released a fix for the vulnerability that enabled nefarious people to put a link into a website that would automatically cause a Zoom user to connect to Zoom with their video running.

The patch does two things. It removes the local web server entirely, once the Zoom client has been updated. In other words, it completely removes the local web sever from a Mac. The patch also allows users to manually uninstall Zoom.

Mac users may see a pop-up in Zoom that tells them to update their Zoom client. There is a link on the Zoom blog where you can download the update. Or, you can check for updates by opening your Zoom app window.


Leave a Reply

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.