Published in News

Mac version of Zoom turns on your camera

by on09 July 2019
Mac version of Zoom turns on your camera


Turns on your device even when you don’t want to

Security researcher Jonathan Leitschuh has publicly disclosed a severe zero-day vulnerability for the Zoom video conference app on Macs that could allow websites to turn on user cameras without permission.

According to the Verge reports, any website can open up a video-enabled call on a Mac with the Zoom app installed. That's possible in part because the Zoom app installs a web server on Macs that accepts requests regular browsers wouldn't.

If you uninstall Zoom, that web server persists and can reinstall Zoom without your intervention.

Leitschuh said how he responsibly disclosed the vulnerability to Zoom back in late March, giving the company 90 days to solve the problem.

Zoom doesn't appear to have done enough to resolve the issue. The vulnerability was disclosed to both the Chromium and Mozilla teams, but since it's not an issue with their browsers, there's not much those developers can do.

You can "patch" the vulnerability by making sure the Mac app is up to date and disable the setting that allows Zoom to turn your camera on when joining a meeting. "

Uninstalling Zoom won't fix this problem, as that webserver persists on your Mac. Turning off the webserver requires running some terminal commands, which can be found at the bottom of the Medium post.

Last modified on 09 July 2019
Rate this item
(0 votes)
Tagged under
More in this category: « Apple continues to disappoint Wall Street IDC reports only a quarter have an AI plan »
back to top

Most popular

Latest comments

Read more about: