Apple has pushed a silent update to Mac users that removes a hidden web server from Zoom users’ machines.

The Zoom web- and video-conferencing service has come under scrutiny for its handling of a zero-day bug (CVE-2019-13450) found by researcher Jonathan Leitschuh, which would allow an attacker to hijack a user’s web camera without their permission. However, the researcher also flagged a concerning persistence feature in the service: Even if users uninstalled the Zoom client, the service maintained a web-facing connection on computers via a hidden localhost web server.

“If you’ve ever installed the Zoom client and then uninstalled it, you still have a localhost web server on your machine that will happily re-install the Zoom client for you, without requiring any user interaction on your behalf besides visiting a webpage,” explained Leitschuh, adding that this deepens the security risk from the vulnerability.

Apple’s update – automatically pushed to users without any need for action on their part – removes the hidden Zoom web server. It’s a move that the Cupertino, Calif.-based giant usually reserves for addressing malware.

“We’re happy to have worked with Apple on testing this update,” Zoom said in a media statement. “We appreciate our users’ patience as we continue to work through addressing their concerns.”

Apple’s update is somewhat superfluous (though automatic): Zoom itself released an emergency fix earlier this week that also removes the web server, and the platform now allows users to manually uninstall Zoom completely.

The update is the result of media attention in the wake of Leitschuh’s responsible public disclosure of the flaw, which highlighted Zoom’s incomplete fix for the bug and slow action on its part in working with him.

On July 12, Zoom will further update the client to address the concern around video being enabled by default.
First-time users who select the “always turn off my video” pop-up box will automatically have their video preference saved, it announced. The Zoom flaw affects about 4 million workers that use Zoom for Mac.