Apple Pushes Automatic Mac Software Update to Remove Vulnerable Zoom Web Server
Earlier this week, a serious vulnerability with the Zoom video conferencing app for macOS was disclosed, with attackers potentially able to hijack users' webcams.
The vulnerability was particularly notable because Zoom had installed a hidden web server on users' computers in order to allow for automatic answering of incoming calls, and that web server was not only the weak point that could be exploited, but it also was not removed upon deletion of the app. As a result, users who had previously deleted Zoom might not even realize they were vulnerable to this potential attack.
After initially defending the decision to install a web server on users' machines to work around changes in Safari 12 that would have required users to click to accept incoming calls, Zoom later backtracked and released a patch to remove the web server from users' computers.
Apple has now taken things one step further and pushed out a silent macOS update that removes the web server, reports TechCrunch. The update is deployed automatically, so users don't have to manually apply it in order for it to take effect.
Although Zoom released a fixed app version on Tuesday, Apple said its actions will protect users both past and present from the undocumented web server vulnerability without affecting or hindering the functionality of the Zoom app itself.
The update will now prompt users if they want to open the app, whereas before it would open automatically.
Zoom told TechCrunch it was "happy to have worked with Apple on testing this update" and that it should resolve all issues with the web server.
In a blog post, Zoom says it will take further action this weekend by automatically having first-time users who select "Always turn off my video" default to having video off for all future meetings. In addition, Zoom will be improving its bug bounty program and security-related issue escalation process.
Popular Stories
The iPhone 14 Pro and Pro Max introduce some major improvements in camera technology, adding a 48-megapixel lens and low-light improvements across all lenses with the new Photonic Engine. We've spent the last week working on an in-depth comparison that pits the new iPhone 14 Pro Max against the prior-generation iPhone 13 Pro Max to see just how much better the iPhone 14 Pro Max can be.
Subscrib ...
Thursday September 29, 2022 12:38 pm PDT by
Juli CloverTony Blevins, Apple's vice president of procurement, is set to depart the company after he made a crude comment about his profession in a recent TikTok video, reports Bloomberg.
Blevins was in a video by TikTok creator Daniel Mac, who was doing a series on the jobs of people he spotted with expensive cars. After seeing Blevins in an expensive Mercedes-Benz SLR McLaren, Mac asked Blevins what ...
Wednesday September 28, 2022 4:27 pm PDT by
Juli CloverThe Dark Sky weather app that's owned by Apple is no longer available for download in the U.S. App Store, suggesting that it has been removed ahead of schedule.
Apple acquired Dark Sky back in March 2020 and has since incorporated elements of the app into the Weather app available on the iPhone (and soon, the iPad).
Dark Sky remained available for purchase as a standalone weather app...
The third beta of iOS 16.1 that was released earlier this week expands the Adaptive Transparency feature introduced with the second-generation AirPods Pro to the original AirPods Pro.
As noted on Reddit, first-generation AirPods Pro owners who also have the AirPods beta software will now see an "Adaptive Transparency" toggle in the AirPods section of the Settings app. The 5A304A beta...
Thursday September 29, 2022 7:26 am PDT by
Sami FathiSpeaking at Università Degli Studi di Napoli Federico II in Naples, Italy, Apple CEO Tim Cook said that not too long from today, people will wonder how they led a life without augmented reality, stressing the "profound" impact it will have on the not so distant future. At the university, Cook was awarded an Honorary Degree in Innovation and International Management and also sat down for a...
Thursday September 29, 2022 9:08 am PDT by
Sami FathiOne of the biggest new features in iOS 16 is a completely redesigned iPhone Lock Screen. The new Lock Screen is entirely customizable, letting you change the colors and fonts, add widgets and new wallpapers, and more to make your iPhone uniquely yours. Of course, even before iOS 16, you could customize your Lock Screen with a wallpaper of your choice. iOS 16 takes the Lock Screen wallpaper...
The Wall Street Journal's Joanna Stern recently traveled to Michigan to test Apple's new crash detection feature on the iPhone 14 and Apple Watch Ultra. In response, Apple provided some additional information about how the feature works.
Stern recruited Michael Barabe to crash his demolition derby car with a heavy-duty steel frame into two unoccupied vehicles parked in a junkyard — a 2003...
The iPhone 14 and iPhone 14 Pro models bring over a longstanding Mac feature, but the setting to enable it is off by default.
The feature, which is actually a new accessibility option, allows the iPhone to play a startup chime like the Mac. When enabled, the sound comes alongside a new shutdown chime.
The Mac has featured a startup chime since 1987's Macintosh II, and the iconic "bong"...
This week's best Apple deals focus on the AirPods Pro, AirPods Pro 2, and M2 MacBook Air, including numerous all-time low prices on these devices. You'll also find up to 50 percent off discounts on Anker and Eufy accessories on Amazon.
Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment, which helps us...
Wednesday September 28, 2022 10:22 am PDT by
Juli CloverApple has seen high demand for the 6.7-inch iPhone 14 Pro Max, which could lead the company to further differentiate the next-generation iPhone 15 Pro and Pro Max, according to Apple analyst Ming-Chi Kuo. Apple could add exclusive features to the iPhone 15 Pro Max in an effort to encourage more people to purchase the larger and more expensive device.
Kuo last week said that Apple asked...
Top Rated Comments
I love it when Apple does this. They keep developers in check, like they did recently with Facebook. They also have a protection mechanism built into iOS that can remotely wipe rogue apps off every person’s device in the world. They’re the only company with the balls to do it and the security and privacy mindset to pull it off. May security and privacy forever be their #1 goal. Seriously, bless those beautiful engineers. They’re far from perfect, but among the best there is.
This is a disaster for Zoom. They had one of the best brands in the comms space, and they are destroying it with this “feature”’ which makes Macs vulnerable and then trying to pass this off like it’s no big deal. It’s breathtaking how tone deaf they are.
It’s despicable, and Zoom better act fast before they are dead to enterprises. No CIO/CTO will risk their career because a vendor has a slightly easier user experience.
This is company destroying stupidity and Zoom better act while they still can. Otherwise, they will be a business school case study of what not to do in a crisis.