Apple pushes update to macOS to fix vulnerability in calling app Zoom

Spread the love

Apple has pushed an update to macOS that removes the local server of conference application Zoom if it is found. Apple does that because of the vulnerability that came to light earlier. Users do not have to perform the update themselves.

Apple confirms to TechCrunch that the update has been sent, removing the hidden web server that Zoom puts on macOS systems. The functioning of the app is not affected, but by removing the local server, users are no longer vulnerable, according to Apple.

At the beginning of this week it was announced that there is a vulnerability in Zoom that allows others to view webcams. When users install Zoom on a Mac, a local server is activated. This makes it possible to add new Zoom users to a video call. The api it uses is undocumented and can be manipulated, making it possible to access any Zoom meeting whose conference number can be traced.

The web server will remain on the system if users uninstall the Zoom software. Zoom itself released an update that also removed the local server, but users had to update the program themselves. By pushing the update to all systems, Apple fixes the vulnerability for all users, even if they are unaware and do not update the software, or if they previously uninstalled the software.

You might also like
Exit mobile version